General
Target: V4.exe
Size: 11.4MB
Sample: 230321-zsdg4afa8z
MD5: 2d0cb9ec97e5abac40a692aab91689c4
SHA1: 82b37f06255d3c8ec5e088fe5cf7f58fdf27b601
SHA256: 29a29d55f032057c27090196e48c2cad52bd5bc46642513a344879b95a81f5d6
SHA512: 33448e712588550d5e77535be52e2e653cd67ffa3e928182d8af68530db3e06960614e7bafcb4c5c66776f72e79954776641406b2e7f0d4946ee7794aceb5d3c
SSDEEP: 196608:76u3qVKcZ40PqqTOtfsLabW1RoNOL4CRRPG8uVfYW47ZIcZYM2mFIoNqcqT/Cg:76u6C0PqQOtEmbWbhRPG8uVwW4ecZxmD
Behavioral task
behavioral1
Sample: V4.exe
Resource: win7-20230220-en
Malware Config
Targets
Target
V4.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-