General
-
Target
8b024bbdf0f332992ca3b3f08c2a93acd8e8d409c547d4ca498c68c94a73b4be
-
Size
8.8MB
-
Sample
230509-yjrgxsdh47
-
MD5
da9306b28d4ce35d398af95bf1231e0d
-
SHA1
cf9868cbe91555972945273a2bc9f8d6563945d8
-
SHA256
8b024bbdf0f332992ca3b3f08c2a93acd8e8d409c547d4ca498c68c94a73b4be
-
SHA512
b3634e4d44699b947e1faca554c07aab8c4afffde998b999a9ad9a6a8f889e29b6941861e7dbee97d7c170d61b48c493970cbeda81811c1a5d7aaaae175e7806
-
SSDEEP
196608:9IptQCD1kd5y25V2t/T2xWxTXhxTmKGttqrce:9IpGCRqFz2t/6xWhQKioP
Static task
static1
Behavioral task
behavioral1
Sample
8b024bbdf0f332992ca3b3f08c2a93acd8e8d409c547d4ca498c68c94a73b4be.exe
Resource
win10-20230220-en
Malware Config
Targets
Target
8b024bbdf0f332992ca3b3f08c2a93acd8e8d409c547d4ca498c68c94a73b4be
-
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Stops running service(s)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-