General
- Target: c1543cb3304a043251cf1c4f17cad84b875a4bd445b6a731af92a77d5210d8c2
- Size: 3.4MB
- Sample: 230327-2cw1lsff47
- MD5: 4b86486d04f3b86e3924784a618e66d6
- SHA1: 71a801a71241a8603ab8409b6bd944dbae4c2d1b
- SHA256: c1543cb3304a043251cf1c4f17cad84b875a4bd445b6a731af92a77d5210d8c2
- SHA512: 13e6a9daf81e3cb1a9d40ea9062d4a3b23027678d7dd0e90a3e1b06b33ad1ee375a9a1106dc20ae043ea566c99fb14389e3a4a8ee387b0f4cafe1caf2dea8058
- SSDEEP: 98304:dJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRV6:d8D/yIqlhlW4i/QsnwZzjMSeV6
Static task: static1
Malware Config
Targets
- Target: c1543cb3304a043251cf1c4f17cad84b875a4bd445b6a731af92a77d5210d8c2 (size and hashes as listed under General)
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext