General

Target: 8a7719ee5bdcc9b69f0e84119c0818d8ece9ef401f645bd10fb4d4c92c983b1a
Size: 3.4MB
Sample: 230328-qlhnssbc36
MD5: 5e97b518de975729742e3a63780794b6
SHA1: c240a9fafb611989dec640dd3a5374c47295b56f
SHA256: 8a7719ee5bdcc9b69f0e84119c0818d8ece9ef401f645bd10fb4d4c92c983b1a
SHA512: 4320c491f9b7b8a5f789bc199524d7b5a9d2cdf55ae0a33849282aa91f3cc6856ac1fd4e428766de70234e126abae6d42deab8fea4324443e1909a8b5d5e2dde
SSDEEP: 98304:QUwOIEK84WQsykAeYIkAeYUaMImg8C0QuNoJuR21C/yIq/dhl/O4i/TksjdFwvhm:QUwOIEK84WQsykAeYIkAeYUaMImg8C0p

Static task: static1
Malware Config
Targets
Target: 8a7719ee5bdcc9b69f0e84119c0818d8ece9ef401f645bd10fb4d4c92c983b1a (same file as listed under General above)
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry (BIOS information is often read in order to detect sandboxing environments)
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext