General
-
Target
bfe690c70a017eae22836c22be899c24
-
Size
300KB
-
Sample
231220-rbb9psged8
-
MD5
bfe690c70a017eae22836c22be899c24
-
SHA1
5a2c33e2e735b5487c42d492f0a69cb3595b160d
-
SHA256
9aab635c734c81a8432cf7534340b5d96d1b4a6e9f6856f5c42b73643545041a
-
SHA512
007f1746504f63878851954e6a003f59035492fabc5b4ad8ee4e30c8fa97b9686b99db21e90de039f1f54c8406ce64c6d3bb412c4e8ee1a5f9e95d11d2f6da4b
-
SSDEEP
6144:hJJAZwui5UNLMadqLKlkJqdCjMBH7+ty82bN3bF:7JAZwwNwad+jYHat+pp
Behavioral task
behavioral1
Sample
bfe690c70a017eae22836c22be899c24.exe
Resource
win7-20231215-en
Malware Config
Targets
-
Looks for VirtualBox Guest Additions in registry
-
Looks for VMWare Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-