General
-
Target
a35d8eaf733df01475638f35fec9f9a8543730c7796794bda81402c3eecbc291
-
Size
3.4MB
-
Sample
230328-dwyfsagg37
-
MD5
0e0cd6efee7433ae2e785e8e224936d0
-
SHA1
5a067f75caa7d181a948f88dca23c07bac2f7e3d
-
SHA256
a35d8eaf733df01475638f35fec9f9a8543730c7796794bda81402c3eecbc291
-
SHA512
4dc3bcc0357cba8cd54b79be11b7df3391915bc9a57936f092b6d1476b080a1c8b178ec8acb959e0cbdfc38b62f9550d96a9f9c8476439eb1681b23b94675632
-
SSDEEP
98304:uJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRV6:u8D/yIqlhlW4i/QsnwZzjMSeV6
Static task
static1
Malware Config
Targets
-
-
Target
a35d8eaf733df01475638f35fec9f9a8543730c7796794bda81402c3eecbc291
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Modifies file permissions
-
Suspicious use of SetThreadContext
-