General
Target: 651a5802a98f33b81702ad6b9cffab6c
Size: 2.7MB
Sample: 231222-e7ch5adgdk
MD5: 651a5802a98f33b81702ad6b9cffab6c
SHA1: bba38bab3dce4d0864a8610a5293c55b57a37fb3
SHA256: e8411ca1f5520ebfcda9b86a641aff862ba51e5beeef9293eedeba5b0f153577
SHA512: 9c234d37c67343f8f4fdac4a2bd595a5084a25918a74d18ac265a2e5f2982b3d09fa4d10cc3ca1c95eab3c3c154c14730dceb835d2df68115d679c06e7a7e666
SSDEEP: 49152:IagwUdYBNBsLJ5VT0E4sDMCovX5guKXc/AQFyqiWJlp9Sj60IO5t6Znc1:IibNiLDF0EPD+JAGNoj0O5gO
Behavioral task
Task: behavioral1
Sample: 651a5802a98f33b81702ad6b9cffab6c.exe
Resource: win7-20231215-en (Windows 7 analysis VM image, English locale)
Malware Config
Extracted family: cryptbot
Extracted domains: raspdh35.top, moryei03.top
Targets
Target: 651a5802a98f33b81702ad6b9cffab6c (2.7MB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
A VirtualBox guest exposes ACPI tables whose entries in the registry (under HKLM\HARDWARE\ACPI) carry VBOX__-named keys; reading these is a common way for a sample to detect that it is running inside a VirtualBox VM.
Checks BIOS information in registry
BIOS information (vendor, version and date strings, typically read from HKLM\HARDWARE\DESCRIPTION\System) is often queried in order to detect sandboxing environments, since virtual machines usually report a hypervisor's BIOS rather than a vendor's.
Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) to enumerate software on the system. This serves both victim profiling and sandbox detection: an analysis image with almost no applications installed is a strong tell.
Suspicious use of NtSetInformationThreadHideFromDebugger
Calling NtSetInformationThread with the ThreadHideFromDebugger information class (0x11) stops the thread from delivering debug events, so an attached debugger no longer sees exceptions or breakpoints raised in it. This is an anti-debugging technique and, together with the three registry checks above, indicates the sample actively evades analysis.
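The four signatures above and the two extracted domains in the Malware Config are all things a sandbox or EDR can match on in an API/registry trace. The following is an added example of that matching, written for this page; it is not code from the sandbox that produced the report or from the sample. It assumes a constructed `key=value` trace format (the lines in `SAMPLE_TRACE` are made up for the demonstration), and it keys on the well-known registry locations for these checks; the report itself only names the signatures, not the exact keys this sample opened.

```python
import re
from collections import defaultdict

# Well-known registry locations behind the report's signatures (assumption:
# these are the usual keys such checks read; the report does not list them).
VBOX_ACPI_KEYS = (
    r"HKLM\HARDWARE\ACPI\DSDT\VBOX__",
    r"HKLM\HARDWARE\ACPI\FADT\VBOX__",
    r"HKLM\HARDWARE\ACPI\RSDT\VBOX__",
)
BIOS_KEY_PREFIX = r"HKLM\HARDWARE\DESCRIPTION\System"
BIOS_VALUES = {"systembiosversion", "systembiosdate", "videobiosversion"}
UNINSTALL_KEY_PREFIXES = (
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
)
THREAD_HIDE_FROM_DEBUGGER = 0x11  # ThreadInformationClass for HideFromDebugger

# Domains from the report's extracted cryptbot config.
C2_DOMAINS = {"raspdh35.top", "moryei03.top"}

# Human-readable names matching the report's signature lines.
SIGNATURE_NAMES = {
    "vbox_acpi": "Identifies VirtualBox via ACPI registry values (likely anti-VM)",
    "bios_info": "Checks BIOS information in registry",
    "installed_software": "Checks installed software on the system",
    "hide_from_debugger": "Suspicious use of NtSetInformationThreadHideFromDebugger",
    "c2_domain": "Resolves a domain from the extracted malware config",
}

# Constructed trace lines in a hypothetical 'key=value' API-trace format.
SAMPLE_TRACE = [
    r'pid=2244 api=RegOpenKeyExW path=HKLM\HARDWARE\ACPI\DSDT\VBOX__ status=0xC0000034',
    r'pid=2244 api=RegQueryValueExW path=HKLM\HARDWARE\DESCRIPTION\System value=SystemBiosVersion',
    r'pid=2244 api=RegQueryValueExW path=HKLM\HARDWARE\DESCRIPTION\System value=VideoBiosVersion',
    r'pid=2244 api=RegEnumKeyExW path=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall index=0',
    r'pid=2244 api=RegEnumKeyExW path=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall index=1',
    r'pid=2244 api=NtSetInformationThread handle=0xFFFFFFFE class=0x11',
    r'pid=2244 api=DnsQuery_W name=raspdh35.top type=A',
    r'pid=2244 api=RegOpenKeyExW path=HKCU\Software\Microsoft\Windows\CurrentVersion\Run',
    r'pid=2244 api=DnsQuery_W name=update.microsoft.com type=A',
]

EVENT_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_event(line):
    """Split one 'key=value key="quoted value"' trace line into a dict."""
    return {k: v.strip('"') for k, v in EVENT_RE.findall(line)}


def _under(path, prefixes):
    p = path.lower()
    return any(p.startswith(prefix.lower()) for prefix in prefixes)


def classify_event(ev):
    """Return the signature id an event triggers, or None."""
    api = ev.get("api", "")
    if api.startswith("Reg"):
        path = ev.get("path", "")
        if _under(path, VBOX_ACPI_KEYS):
            return "vbox_acpi"
        # Only a read of a BIOS value counts, not merely opening the parent key.
        if _under(path, (BIOS_KEY_PREFIX,)) and ev.get("value", "").lower() in BIOS_VALUES:
            return "bios_info"
        if _under(path, UNINSTALL_KEY_PREFIXES):
            return "installed_software"
    if api == "NtSetInformationThread":
        try:
            if int(ev.get("class", ""), 0) == THREAD_HIDE_FROM_DEBUGGER:
                return "hide_from_debugger"
        except ValueError:
            pass
    if api in ("DnsQuery_A", "DnsQuery_W", "getaddrinfo"):
        # Normalise trailing dot and case; match the domain or any subdomain.
        name = ev.get("name", "").lower().rstrip(".")
        if any(name == d or name.endswith("." + d) for d in C2_DOMAINS):
            return "c2_domain"
    return None


def classify_trace(lines):
    """Map signature id -> list of trace lines that triggered it."""
    hits = defaultdict(list)
    for line in lines:
        sig = classify_event(parse_event(line))
        if sig:
            hits[sig].append(line)
    return dict(hits)


if __name__ == "__main__":
    for sig, lines in classify_trace(SAMPLE_TRACE).items():
        print(f"{SIGNATURE_NAMES[sig]}: {len(lines)} event(s)")
```

The prefix matching is deliberately anchored to the full hive path so that unrelated keys under HKCU (such as the Run key in the constructed trace) do not fire, and the BIOS rule requires a value read rather than a key open, which keeps ordinary system enumeration from matching. Domain matching accepts subdomains because loaders commonly prepend a host label to a configured C2 domain.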