General
Target: 3459f3a3d65fa445d1eb52611ac55f6c.bin
Size: 6.5MB
Sample: 230325-bmt1wsce3w
MD5: 37bb213fa7553ef3bf57666283b0eb2f
SHA1: 850d13afb3c7ad12ddbf4ec615d7b0658d0391d2
SHA256: 3f13b7b6809971fe0004de8053da65c1f76b2eed90b25ee00d8a7eb0087ef871
SHA512: 7e9d345162bf3ef8407a4efda8f3e7ae0fd81362ac2075b2f0925937dba62084f4dfd5d06ddb960d777a9a4d570809576664b9c0978230c59e364ce16871acec
SSDEEP: 196608:pghD4JO2Eo8U1KIjzqRTXZQMgRBhVxvyYYlsjDSXJ:gR2sU1KSzqpgR/VFYl6w
Behavioral task
behavioral1
Sample: 9c85d76526d585038392e1af504886580d096e9646de2907b73feab521920944.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: 9c85d76526d585038392e1af504886580d096e9646de2907b73feab521920944.bin
Size: 6.6MB
MD5: 3459f3a3d65fa445d1eb52611ac55f6c
SHA1: 135c835edfeec60e41bc1b24f1a10ad7a86c9a00
SHA256: 9c85d76526d585038392e1af504886580d096e9646de2907b73feab521920944
SHA512: 1dbf42476304cefd859754f1d8219c0b37cc5b2885527f874245a37df5e1145dbcc1ff1ce34bdf0fa47df8a503e37244ff07a37bb92e8f2514533d8a89926d8b
SSDEEP: 98304:MsRRwjPcDZ3IFTbWJ6tWUQSPZyq2XOD6gwosVvC8pQ6TYupGFBUMnEB:MsRKjkNcyDVSROtgwJVvHjTrUIMni
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger