General
- Target: 2ea5f6e04f91a09e233ade31fed3b3c87702a5a5c11e7c01cc569348e8ebaafd
- Size: 3.4MB
- Sample: 230327-26ba1ahf8t
- MD5: 08899c2e8bf3307f7e7b9a04034084fa
- SHA1: 9b7e679eadb12fb51e73adac88cc3dae66eb366f
- SHA256: 2ea5f6e04f91a09e233ade31fed3b3c87702a5a5c11e7c01cc569348e8ebaafd
- SHA512: d373f3ff3862a286c1afb41acb1febacef7e26161e6f113f0600c013dd8466c4a1a4931072654479b9a8d13f1aa384851e8657a0c75b9037dde70b56489bc9a8
- SSDEEP: 98304:cJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRVu:c8D/yIqlhlW4i/QsnwZzjMSeVu
Static task: static1
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext