General
- Target: 5891d1d66b82e3402a802001767f4e4658540894434f8782890b8fa5bb6ec9b2
- Size: 3.4MB
- Sample: 230327-13g4psfe59
- MD5: 81ab01019e8366be47824b7231094c81
- SHA1: da42bdeefc2f10a34b19f6223d7c0ad6a68251e9
- SHA256: 5891d1d66b82e3402a802001767f4e4658540894434f8782890b8fa5bb6ec9b2
- SHA512: edbae1f7df2ee65f0b9f86c27bf090578227e01bb87607689c40e4b3c880ec40d719b49578324f801fd2475a191e7444afbe74e57b56b803c40f884fa6f671fc
- SSDEEP: 98304:MJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRV6:M8D/yIqlhlW4i/QsnwZzjMSeV6
Static task: static1

Malware Config

Targets
- Target: 5891d1d66b82e3402a802001767f4e4658540894434f8782890b8fa5bb6ec9b2
- Size: 3.4MB
- MD5: 81ab01019e8366be47824b7231094c81
- SHA1: da42bdeefc2f10a34b19f6223d7c0ad6a68251e9
- SHA256: 5891d1d66b82e3402a802001767f4e4658540894434f8782890b8fa5bb6ec9b2
- SHA512: edbae1f7df2ee65f0b9f86c27bf090578227e01bb87607689c40e4b3c880ec40d719b49578324f801fd2475a191e7444afbe74e57b56b803c40f884fa6f671fc
- SSDEEP: 98304:MJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRV6:M8D/yIqlhlW4i/QsnwZzjMSeV6

- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext