General
-
Target
Neptn Spoofer V 5.5.exe
-
Size
3.5MB
-
Sample
230320-s3bb6agc3v
-
MD5
e9d6ab5ce39952ea7f967e486b20d6a7
-
SHA1
84a371042bb4a856991ea785f4937c8ccdce3237
-
SHA256
69e8298ed175a6c67cdf08c943fdfefe429d91d3399399fadf0add9dd7bdc04f
-
SHA512
3b01562bc55224076b293182189f1399fac70b2a108a971b40e08fec8d9ad37f582d8488c1a6417914e3da402426235e363f62b411b52e17f32eb9711ef25e77
-
SSDEEP
98304:YZxzcaGB9YyrCub0J79EWZ6E3KVlSz45bOWunhOXGV:Y/7GBLZb0J7Gb0Hz45bynhT
Behavioral task
behavioral1
Sample
Neptn Spoofer V 5.5.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
Neptn Spoofer V 5.5.exe
-
Size
3.5MB
-
MD5
e9d6ab5ce39952ea7f967e486b20d6a7
-
SHA1
84a371042bb4a856991ea785f4937c8ccdce3237
-
SHA256
69e8298ed175a6c67cdf08c943fdfefe429d91d3399399fadf0add9dd7bdc04f
-
SHA512
3b01562bc55224076b293182189f1399fac70b2a108a971b40e08fec8d9ad37f582d8488c1a6417914e3da402426235e363f62b411b52e17f32eb9711ef25e77
-
SSDEEP
98304:YZxzcaGB9YyrCub0J79EWZ6E3KVlSz45bOWunhOXGV:Y/7GBLZb0J7Gb0Hz45bynhT
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-