General
-
Target
efa126459d5e131513692c151dd54fcaa2c97d023c0c17a5872aa66a2d85f8ab
-
Size
3.4MB
-
Sample
230328-mlltnsad89
-
MD5
39104d544b57b6d42aca5453221475f6
-
SHA1
7248532b14217511ca155c7228643cb7369582bd
-
SHA256
efa126459d5e131513692c151dd54fcaa2c97d023c0c17a5872aa66a2d85f8ab
-
SHA512
426af31498210c7c3f7944cc6a48f472729f0e9ad2673af5b0ebef9273ee7e11f5f12411626e64c64d77fae72251dec484f0714ed519acd18b706f80e2ba790c
-
SSDEEP
98304:qUwOIEK84WQsykAeYIkAeYUaMImg8C0Qu3JuR21C/yIq/dhl/O4i/TksjdFwvhz6:qUwOIEK84WQsykAeYIkAeYUaMImg8C0i
Static task
static1
Malware Config
Targets
-
Target
efa126459d5e131513692c151dd54fcaa2c97d023c0c17a5872aa66a2d85f8ab
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Modifies file permissions
-
Suspicious use of SetThreadContext
-