General
- Target: feffb56578f598490d64289e16a037ac37c3d46f1df41a4013a6dcef225d7e80
- Size: 3.4MB
- Sample: 230328-ff255sag7v
- MD5: 04038a698d34f3dc35b7a3b2ac11678f
- SHA1: cda7057d389738aa8da47dff465cb377b94ccfc2
- SHA256: feffb56578f598490d64289e16a037ac37c3d46f1df41a4013a6dcef225d7e80
- SHA512: 07bee3ddc4a8abddb90d685e812838a067e4ae15b0b5b6b765c850fae4bb6bbc552fbff9060413e726f9790a033f42a5c38aa6ab1dc9779df664310867018d2d
- SSDEEP: 98304:wJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRVq:w8D/yIqlhlW4i/QsnwZzjMSeVq
- Static task: static1

Malware Config

Targets
- Target: feffb56578f598490d64289e16a037ac37c3d46f1df41a4013a6dcef225d7e80
- Size: 3.4MB
- MD5: 04038a698d34f3dc35b7a3b2ac11678f
- SHA1: cda7057d389738aa8da47dff465cb377b94ccfc2
- SHA256: feffb56578f598490d64289e16a037ac37c3d46f1df41a4013a6dcef225d7e80
- SHA512: 07bee3ddc4a8abddb90d685e812838a067e4ae15b0b5b6b765c850fae4bb6bbc552fbff9060413e726f9790a033f42a5c38aa6ab1dc9779df664310867018d2d
- SSDEEP: 98304:wJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRVq:w8D/yIqlhlW4i/QsnwZzjMSeVq
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext