General
-
Target
f14ff29c31fb7f6a27e75f925000475fd103a924466a55426e1ea314870df500
-
Size
3.4MB
-
Sample
230328-bfa97sgb59
-
MD5
03e57c419d5bf3221c69a098085f9ff2
-
SHA1
a7d708e9f356be139f90c2db787939e9a5eb4f2e
-
SHA256
f14ff29c31fb7f6a27e75f925000475fd103a924466a55426e1ea314870df500
-
SHA512
8c8fab2114e5d05d3d5c85558e4e7480fb93e210bc1dadc001131c2292034083f7920721396ffeedba65cdb0dcde0faee2b36f05e2e46b06749564dd5c398a83
-
SSDEEP
98304:kJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRVq:k8D/yIqlhlW4i/QsnwZzjMSeVq
Static task
static1
Malware Config
Targets
-
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Modifies file permissions
-
Suspicious use of SetThreadContext
-