General
Target: 5903752a25f8e28a9513478b749444bc.bin
Size: 6.6MB
Sample: 230607-ccg41sha4t
MD5: 5903752a25f8e28a9513478b749444bc
SHA1: 8b157670d1caac82e986e5ee2eaab108e2ab8277
SHA256: 049bfff97fbb2c5e53eeed6df36d2c93c7cca199d42c0247c784b39db90f173b
SHA512: 8621379c897bbc939f949965d3c175b0229995e0b1c5c240c40b337ffe678c056b29b9960bb1087965f55e855e752bca9abb622faa10474df99fbdb8687e9f72
SSDEEP: 98304:KZhTtczvVIQanrevtxi7tTbHoyqxHqtutYu67GQbUstvlDrjeefbmta4/6ffZ:KZhTt+5arcm1UveEYPbUsjraqbmt+
Behavioral task: behavioral1
Sample: 5903752a25f8e28a9513478b749444bc.exe
Resource: win7-20230220-en
Malware Config
Extracted
aurora
89.22.227.50:8081
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger