General
Target: e1f816580b7bc165dece180f277b49972ee1937da5fbf8ad66301721421d58bf
Size: 3.4MB
Sample: 230327-17qawaff22
MD5: 15720b49943d91b0fc1c85a324f8a003
SHA1: 29795b9b75c9684e3e06c01b91084125f4eb84d6
SHA256: e1f816580b7bc165dece180f277b49972ee1937da5fbf8ad66301721421d58bf
SHA512: 5ca50134799e2189f0c8d945dc22d12bac14c563a42141fbc8d6404d1d42b527bb7c643a481b8ffcd4ecea079ce6b532ab24272db9ee0c9983bf5734a725b13e
SSDEEP: 98304:7JuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRVq:78D/yIqlhlW4i/QsnwZzjMSeVq
Static task: static1
Behavioral task: behavioral1
  Sample: e1f816580b7bc165dece180f277b49972ee1937da5fbf8ad66301721421d58bf.exe
  Resource: win7-20230220-en
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
Suspicious use of SetThreadContext