General
Target: e2d21b630a24aa7d2ef7b24c27942d9ffa14d7f258df75839a572970b77d019d
Size: 3.4MB
Sample: 230328-e2a34sgh85
MD5: 8f7c72d1e3e11bdfd0a629c383115d2f
SHA1: a3c168b628860418447f193eef699780edffec3f
SHA256: e2d21b630a24aa7d2ef7b24c27942d9ffa14d7f258df75839a572970b77d019d
SHA512: f9148affeefdeeb2766f83d4b72585ecb5b4989fa0feffe45a2d107752aac27e5d26c74cabe009ecbefe5cb9fccf101864753a9d2c91f649358fe67317e18505
SSDEEP: 98304:ZJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRV6:Z8D/yIqlhlW4i/QsnwZzjMSeV6
Static task: static1
Malware Config
Targets
Target: e2d21b630a24aa7d2ef7b24c27942d9ffa14d7f258df75839a572970b77d019d (hashes and size as listed under General)
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry. BIOS vendor, version and date strings are often read in order to detect sandbox or virtual-machine environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext (commonly seen in thread hijacking and process-hollowing style injection)
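The two registry signatures above can be reproduced as a simple hunt rule over registry-access telemetry. The block below is an added example, not the sandbox's own signature engine: it assumes the signatures match on the well-known VirtualBox ACPI table keys (HARDWARE\ACPI\DSDT|FADT|RSDT\VBOX__) and the BIOS strings under HARDWARE\DESCRIPTION\System, and it runs over constructed key=value log lines modelled loosely on Sysmon registry events rather than real telemetry. It also ranks the two checks, since reading BIOS strings alone is common in legitimate software while probing VBOX__ ACPI tables is not.

```python
import re
from collections import defaultdict

# Registry paths commonly queried to fingerprint VirtualBox or to read BIOS
# strings. The paths are well-known artifacts; assuming they are exactly what
# this report's two registry signatures match on is an assumption.
SIGNATURES = {
    "vbox_acpi": re.compile(
        r"\\HARDWARE\\ACPI\\(?:DSDT|FADT|RSDT)\\VBOX__", re.IGNORECASE),
    "bios_info": re.compile(
        r"\\HARDWARE\\DESCRIPTION\\System\\"
        r"(?:SystemBiosVersion|SystemBiosDate|VideoBiosVersion)$",
        re.IGNORECASE),
}

# Constructed registry-access log lines (not real telemetry), one event per
# line in key=value form; 'target' is the registry key or value accessed.
SAMPLE_LOG = r"""
pid=4120 image=C:\Users\lab\AppData\Local\Temp\dropper.exe op=QueryValue target=HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion
pid=4120 image=C:\Users\lab\AppData\Local\Temp\dropper.exe op=QueryValue target=HKLM\HARDWARE\DESCRIPTION\System\VideoBiosVersion
pid=4120 image=C:\Users\lab\AppData\Local\Temp\dropper.exe op=OpenKey target=HKLM\HARDWARE\ACPI\DSDT\VBOX__
pid=4120 image=C:\Users\lab\AppData\Local\Temp\dropper.exe op=OpenKey target=HKLM\HARDWARE\ACPI\FADT\VBOX__
pid=988 image=C:\Windows\explorer.exe op=QueryValue target=HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
pid=2276 image=C:\Windows\System32\svchost.exe op=QueryValue target=HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion
"""

LINE_RE = re.compile(
    r"pid=(?P<pid>\d+) image=(?P<image>\S+) op=(?P<op>\w+) target=(?P<target>.+)$")


def parse_line(line):
    """Parse one key=value event line; return None for lines that do not fit."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def classify_target(target):
    """Return the signature name a registry path matches, or None."""
    for name, rx in SIGNATURES.items():
        if rx.search(target):
            return name
    return None


def scan(log_text):
    """Return {image: {signature: [targets]}} for every process hitting a signature."""
    hits = defaultdict(lambda: defaultdict(list))
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        tag = classify_target(ev["target"])
        if tag:
            hits[ev["image"]][tag].append(ev["target"])
    return {img: dict(tags) for img, tags in hits.items()}


def verdict(image_hits):
    """Rank a process: BIOS reads alone are weak evidence (inventory tools do it),
    probing the VBOX__ ACPI tables has no benign reason, both together is strong."""
    tags = set(image_hits)
    if {"vbox_acpi", "bios_info"} <= tags:
        return "anti-vm: high"
    if "vbox_acpi" in tags:
        return "anti-vm: medium"
    if "bios_info" in tags:
        return "bios-read: low"
    return "none"


def report(log_text):
    """Map each flagged image to its verdict string."""
    return {img: verdict(h) for img, h in scan(log_text).items()}


if __name__ == "__main__":
    for img, v in report(SAMPLE_LOG).items():
        print(f"{v:16} {img}")
```

On the constructed input the dropper is rated "anti-vm: high" (both signatures), svchost.exe is rated "bios-read: low" for a lone BIOS read, and explorer.exe is not flagged at all, which is the kind of separation you want before turning this into an alert rather than a hunt query.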