General
- Target: f9790d98028a4316a159fbe080aee671230e235972881ed6e493980c6a0c0d7d
- Size: 3.4MB
- Sample: 230328-alcjsaga34
- MD5: 6bc19beb032774ef35b27194493d7c2c
- SHA1: d9317e4a39771d5817b12b295f45bf60fd835422
- SHA256: f9790d98028a4316a159fbe080aee671230e235972881ed6e493980c6a0c0d7d
- SHA512: 66634c2f4915cc3e05eb9677db540dcf69cab0888151f8360552dfb3728fd20a74a273eefcd29075b37e6d37c6f99cb3c839dc82e1a2443d954cdf1b6f800d40
- SSDEEP: 98304:ZJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRV6:Z8D/yIqlhlW4i/QsnwZzjMSeV6
Static task: static1
Malware Config
Targets
- Target: f9790d98028a4316a159fbe080aee671230e235972881ed6e493980c6a0c0d7d
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext