General
Target: ad9d35e287924a270d35465910be280dddba17a1415d416e89d6b49005078857
Size: 3.4MB
Sample: 230328-dejajagf69
MD5: c197214dfd6cd7194ba5302b1f76c604
SHA1: 82bb39e4e8c3c505c32ece9b73e02dd25c8bc2f2
SHA256: ad9d35e287924a270d35465910be280dddba17a1415d416e89d6b49005078857
SHA512: 1b4f6bef7c59e06797068645083ebb267d880fc0d0267fa1366de952732b2cb64e2e0f5edbae2d83156908cc749ed6e1619e9fb5502786513e3e02cd3ebcf1d9
SSDEEP: 98304:yJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRV6:y8D/yIqlhlW4i/QsnwZzjMSeV6

Static task: static1

Malware Config
Targets
Target: ad9d35e287924a270d35465910be280dddba17a1415d416e89d6b49005078857
Size: 3.4MB
MD5: c197214dfd6cd7194ba5302b1f76c604
SHA1: 82bb39e4e8c3c505c32ece9b73e02dd25c8bc2f2
SHA256: ad9d35e287924a270d35465910be280dddba17a1415d416e89d6b49005078857
SHA512: 1b4f6bef7c59e06797068645083ebb267d880fc0d0267fa1366de952732b2cb64e2e0f5edbae2d83156908cc749ed6e1619e9fb5502786513e3e02cd3ebcf1d9
SSDEEP: 98304:yJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRV6:y8D/yIqlhlW4i/QsnwZzjMSeV6

- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext