General
-
Target
58c8906065cabfab0c890bcfbe5e413047d202a8d63c5a91d2fa412105a51640
-
Size
3.4MB
-
Sample
230328-pye8rscf81
-
MD5
7ec965e32ac74c0bca472f4fc57167af
-
SHA1
4111886321f09463ab0ae76820eb0d4042a5fac0
-
SHA256
58c8906065cabfab0c890bcfbe5e413047d202a8d63c5a91d2fa412105a51640
-
SHA512
54ba7bbeb52fa749ae7f549962daf00a473a05d0e4420f1208378d4d44f3df208878d9bc6a5e02cc851ebf1c3b6412019783803ae80781e068f4ae3e07758409
-
SSDEEP
98304:IUwOIEK84WQsykAeYXkAeYUaMImg8C0QuetJuR21C/yIq/dhl/O4i/TksjdFwvh9:IUwOIEK84WQsykAeYXkAeYUaMImg8C0e
Static task
static1
Malware Config
Targets
-
-
Target
58c8906065cabfab0c890bcfbe5e413047d202a8d63c5a91d2fa412105a51640
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Modifies file permissions
-
Suspicious use of SetThreadContext
-