General
- Target: 9fbd26bef6546ed2887599bd71f349cb89b08923fec2192c5c2321fa3b0a4a89
- Size: 3.4MB
- Sample: 230328-b6jz2aab8y
- MD5: 5d661837414820b58691121a36b79646
- SHA1: 1402f33b9bc49fbf0ce111c4f6d07241ced6bd41
- SHA256: 9fbd26bef6546ed2887599bd71f349cb89b08923fec2192c5c2321fa3b0a4a89
- SHA512: 599fa5645615ec0775e0c745cc09b472e92805d6d6354ef2e21b7c5f874f509e0cb56682cd8732f1323681ca9d6fb7339ff56e5e3e8a7c9767f9c39f3847f1ca
- SSDEEP: 98304:WJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRV6:W8D/yIqlhlW4i/QsnwZzjMSeV6
Static task: static1
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext