General
-
Target
18c8f4022544bf2251e8b95555fa4a3e
-
Size
6.1MB
-
Sample
231225-mz2r2safd6
-
MD5
18c8f4022544bf2251e8b95555fa4a3e
-
SHA1
8348c4b785c767887b2ce18dc9b1c62141cb6396
-
SHA256
72bda43e879bb6258c83bf71b99a1c6b088b7fa6b147c473ebc5005383e5a3d6
-
SHA512
adc22cdab7ea8e35ab54ba494d669aea105aa1ad49d47fad3fb07ce8daee567d44da6745c40c28ad631e669e485bd78cbc63db90fd7c397d52120b1d376b9378
-
SSDEEP
98304:3D2M2pgaPhhWSgYiAZFvMO5evocJ6SQFiv6ci/f69Cr4MnbI6LyHgZVKck0zAjDC:z2Fph/Wj5w5eVGFiDgZLEgnKcRAvdcd
Behavioral task
behavioral1
Sample
18c8f4022544bf2251e8b95555fa4a3e.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
18c8f4022544bf2251e8b95555fa4a3e
-
Size
6.1MB
-
MD5
18c8f4022544bf2251e8b95555fa4a3e
-
SHA1
8348c4b785c767887b2ce18dc9b1c62141cb6396
-
SHA256
72bda43e879bb6258c83bf71b99a1c6b088b7fa6b147c473ebc5005383e5a3d6
-
SHA512
adc22cdab7ea8e35ab54ba494d669aea105aa1ad49d47fad3fb07ce8daee567d44da6745c40c28ad631e669e485bd78cbc63db90fd7c397d52120b1d376b9378
-
SSDEEP
98304:3D2M2pgaPhhWSgYiAZFvMO5evocJ6SQFiv6ci/f69Cr4MnbI6LyHgZVKck0zAjDC:z2Fph/Wj5w5eVGFiDgZLEgnKcRAvdcd
-
SectopRAT payload
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-