General
Target: a0ae17fec9cc2599805480adfca3ab1f9db4c100c25d5939f5585ce76cc2b230
Size: 3.4MB
Sample: 230328-fhknwaag8y
MD5: b5c5f6531aaa91b3ecfd8202ba41f38b
SHA1: d102174f6ebeb420a5171912649b50516728f17d
SHA256: a0ae17fec9cc2599805480adfca3ab1f9db4c100c25d5939f5585ce76cc2b230
SHA512: ab67e0dc3ae6b3d60c314bbf479d50fec6360d3d0c3d645789d3f3b641f3b55d6f65b21c9f57b735caa7bca35ffc6c999f6b9ad2afb6715db57603cbfd42d028
SSDEEP: 98304:ZJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRVq:Z8D/yIqlhlW4i/QsnwZzjMSeVq
Static task: static1
Malware Config
Targets
Target: a0ae17fec9cc2599805480adfca3ab1f9db4c100c25d5939f5585ce76cc2b230
Size: 3.4MB
MD5: b5c5f6531aaa91b3ecfd8202ba41f38b
SHA1: d102174f6ebeb420a5171912649b50516728f17d
SHA256: a0ae17fec9cc2599805480adfca3ab1f9db4c100c25d5939f5585ce76cc2b230
SHA512: ab67e0dc3ae6b3d60c314bbf479d50fec6360d3d0c3d645789d3f3b641f3b55d6f65b21c9f57b735caa7bca35ffc6c999f6b9ad2afb6715db57603cbfd42d028
SSDEEP: 98304:ZJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRVq:Z8D/yIqlhlW4i/QsnwZzjMSeVq

- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext