General
- Target: b625fb6849eed0feea2c9d5032600f75a524e2f20d023b7ba5da7b4fe1ab9ce9
- Size: 3.4MB
- Sample: 230328-gtrr1aba6x
- MD5: 63e0898dbf0716369acd4395fe105646
- SHA1: 62324fe2edac77742878e2b5dc875ad1bfefd015
- SHA256: b625fb6849eed0feea2c9d5032600f75a524e2f20d023b7ba5da7b4fe1ab9ce9
- SHA512: eaa497b514b0e2520c93a85fe4f51b34d55fb3bc629cd1286e6022b379647b16eb703f550e79d814b21bb4dac50602ba445834802aa76dd35bf8b803c81a1dd2
- SSDEEP: 98304:AJuR21C/yIq/dhl/O4i/TksjdFwvhzjMSwRV6:A8D/yIqlhlW4i/QsnwZzjMSeV6
Static task: static1
Malware Config
Targets
- Target: b625fb6849eed0feea2c9d5032600f75a524e2f20d023b7ba5da7b4fe1ab9ce9 (3.4MB; same file and hashes as listed under General above)
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry (BIOS information is often read in order to detect sandboxing environments.)
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext