General
-
Target
NEAS.61ab9d4f3a5493ce8f2959a6eea1bff0.exe
-
Size
2.6MB
-
Sample
231106-b16lvafe4t
-
MD5
61ab9d4f3a5493ce8f2959a6eea1bff0
-
SHA1
d31ca633dafd80e0e603ab3cb84cdc3c3d1d852c
-
SHA256
c70072a79ee4f1793dd6ee13624178c7dbc8c085a99715a2e19f89e59e83d2b3
-
SHA512
a1a50232bb98a03835f1c4d5138c792a069ba8ce408e5d3194ad6cdc1389b939d2b0fc5b3cdadcd6fbf4ec62a08ea1c9a2bb4b43982bbffead01847bc942fd9a
-
SSDEEP
49152:kr+2uK5YdMOMRhPtlRmTIIpMKo+GervVPMrG801uHBPbwwvRsfQ:kr/vDRd1BrGMHVqQ
Behavioral task
behavioral1
Sample
NEAS.61ab9d4f3a5493ce8f2959a6eea1bff0.exe
Resource
win7-20231020-en
Malware Config
Targets
-
-
Target
NEAS.61ab9d4f3a5493ce8f2959a6eea1bff0.exe
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Modifies AppInit DLL entries
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-