General
-
Target
3cc459c79a91b295877528ada8f56c56
-
Size
50KB
-
Sample
240101-nwhensaahl
-
MD5
3cc459c79a91b295877528ada8f56c56
-
SHA1
9d894c7e220fe02d29c4da9092ad4174326787c6
-
SHA256
5a7eccf9dd4b02b2b134ac0acf10d6db32a3e5778455d81750f8827571c9100e
-
SHA512
03e6e3ffc00a8a6c0c9ab189879403ca8542092611a17fc530f32765a28d86de6e624b9955fd188e0517475f76632bde0cfa231752d0bb8e4610ad501dacba2e
-
SSDEEP
1536:3OQ5F+U+337lxJpKE5gJLcxB3pwEidGkq5:3p5kU+Zpz54wtOEmNq5
Malware Config
Targets
-
-
Target
3cc459c79a91b295877528ada8f56c56
-
Size
50KB
-
MD5
3cc459c79a91b295877528ada8f56c56
-
SHA1
9d894c7e220fe02d29c4da9092ad4174326787c6
-
SHA256
5a7eccf9dd4b02b2b134ac0acf10d6db32a3e5778455d81750f8827571c9100e
-
SHA512
03e6e3ffc00a8a6c0c9ab189879403ca8542092611a17fc530f32765a28d86de6e624b9955fd188e0517475f76632bde0cfa231752d0bb8e4610ad501dacba2e
-
SSDEEP
1536:3OQ5F+U+337lxJpKE5gJLcxB3pwEidGkq5:3p5kU+Zpz54wtOEmNq5
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-