General
Target: xvtOZIuNfu.exe
Size: 5.2MB
Sample: 230326-h74jdshg41
MD5: 87262f73867c2aae6cad297fa858455a
SHA1: ca9648a43e2c36b8a660483e0fc10164a4108f98
SHA256: 577dbd64daab087699592a9a7b63a5547c7c4595cf8162a818ed40c60d6b3721
SHA512: 48d04479f7459dfa6fd6b2213e8fbaa7e7db6dbf6b9fd1fe76696068f6fae32aa2c59b7d8efc934b976790c77dba1ab040d02770c2bf218b804e0736557c1ae2
SSDEEP: 98304:vQN7vXi5fVFmqmecgwRZpux5fa00X05ncifxsOxald4EsqCYxoI:vQVy5vmqmlxNux1B/cRR/4v8X
Behavioral task: behavioral1
Sample: xvtOZIuNfu.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: xvtOZIuNfu.exe
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger