General
Target: 17e923ccb022bfb35484861031c3cf547a55b949df5e821c2edd22e64862d269
Size: 3.4MB
Sample: 230328-c5e55agf35
MD5: b21383166d61746164058b74fc4175a1
SHA1: 99534e63ab00a3d97afa6bc3dbd05d0c3ce11585
SHA256: 17e923ccb022bfb35484861031c3cf547a55b949df5e821c2edd22e64862d269
SHA512: 383175653ad4770c1956c0e218dbffb546719bf383c590413a66436a32def85005c37c50924272afe8e375df0c16e21361ff80b3598cab433c2331dcf27e2d15
SSDEEP: 98304:kJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRVq:k8D/yIqlhlW4i/QsnwZzjMSeVq
Static task
static1
Malware Config
Targets
-
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Modifies file permissions
-
Suspicious use of SetThreadContext
-