General
Target: 63e8da8f9ae5b2235362287dbe8604809b51a3ff0e876d9dc7bb7e6e96f3129c
Size: 3.4MB
Sample: 230328-tw15nsca25
MD5: 841282030eb8beeac369093525e1c90e
SHA1: 8923f672b513134b1d7fffc9e4a67451d1fea805
SHA256: 63e8da8f9ae5b2235362287dbe8604809b51a3ff0e876d9dc7bb7e6e96f3129c
SHA512: 18a253d1350dee2ea05778290c998713597ccd209ea8ffd6145eafdd3808c0a5afcab704d9599dde762fef0913051f3ad18280512685b25df47cf58bf4c24fe4
SSDEEP: 98304:XUwOIEK84WQsykAeYYkAeYUaMImg8C0QuMmJuR21C/yIq/dhl/O4i/TksjdFwvhW:XUwOIEK84WQsykAeYYkAeYUaMImg8C0e
Static task
static1
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext