General
- Target: bfc57308fbd340dddfba9e0c59969787ab29af5e62dce9068c632c9e16aa8140
- Size: 3.4MB
- Sample: 230327-17j4vshe6z
- MD5: 0e2632f1332607022ea08a2494b8f063
- SHA1: 7e6d528ce7478adadf6561fbedf349472c571f46
- SHA256: bfc57308fbd340dddfba9e0c59969787ab29af5e62dce9068c632c9e16aa8140
- SHA512: ad379540b3d1bc25490bffce0bfd92a548096f17a4d722ca45818a20f67491d9d35ca693f3f85e5540d7364371b84aee9d53dfa233e725b087aea0eae967ebbb
- SSDEEP: 98304:JJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRVq:J8D/yIqlhlW4i/QsnwZzjMSeVq
Static task: static1
Behavioral task: behavioral1
Sample: bfc57308fbd340dddfba9e0c59969787ab29af5e62dce9068c632c9e16aa8140.exe
Resource: win7-20230220-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Suspicious use of SetThreadContext