General
- Target: abdd9b57ce77b1b7c8cc86dfe1ca6b2d5ff2a7096800ae56c0b5f10627b180da
- Size: 3.4MB
- Sample: 230328-mg1f9scb6t
- MD5: 6af5b2e6866ba28d18b951b63c4def4d
- SHA1: aa43b24fa0080621db487b91937cde636faba824
- SHA256: abdd9b57ce77b1b7c8cc86dfe1ca6b2d5ff2a7096800ae56c0b5f10627b180da
- SHA512: eb83cb73ef0c53b578a5b700deb95e1cc4bdc252cf39d0800bb12f2e107bda8c2f0bebca4ff37ff628cb856ddb7327fe494ddc2fecaa6f4d3fd8eb2fec298c9c
- SSDEEP: 98304:XUwOIEK84WQsykAeYYkAeYUaMImg8C0QuNAJuR21C/yIq/dhl/O4i/TksjdFwvhW:XUwOIEK84WQsykAeYYkAeYUaMImg8C0l
Static task: static1

Malware Config
Targets
- Target: abdd9b57ce77b1b7c8cc86dfe1ca6b2d5ff2a7096800ae56c0b5f10627b180da (3.4MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext