General
-
Target
5840b28d0e6e88d0bd44803d74faf62b
-
Size
2.6MB
-
Sample
240113-hj2d5aedh9
-
MD5
5840b28d0e6e88d0bd44803d74faf62b
-
SHA1
24f30bb0de4b05b29db76a234b5b7a2d9331fc50
-
SHA256
94f4e88d6d4dd425968bd6a683d3b5722eb3bd52e9d89be85771c5490930871d
-
SHA512
f66c5e831f0c78ef27a8948248cd49007ac86273351f00809090a3481399ed89ffef81576ce8c3990a1b2830396812dfa9c4690984eb63a3c34f076de68ac3ee
-
SSDEEP
49152:2CErthheABivIh1aY/7mECJCX1m13Uif0OBWXQ8TcdVoY4JExZ1noktkdWemIO4:2CmVzXhz/7mECJCX1ab/IA8uVP42LokY
Behavioral task
behavioral1
Sample
5840b28d0e6e88d0bd44803d74faf62b.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
5840b28d0e6e88d0bd44803d74faf62b
-
Size
2.6MB
-
MD5
5840b28d0e6e88d0bd44803d74faf62b
-
SHA1
24f30bb0de4b05b29db76a234b5b7a2d9331fc50
-
SHA256
94f4e88d6d4dd425968bd6a683d3b5722eb3bd52e9d89be85771c5490930871d
-
SHA512
f66c5e831f0c78ef27a8948248cd49007ac86273351f00809090a3481399ed89ffef81576ce8c3990a1b2830396812dfa9c4690984eb63a3c34f076de68ac3ee
-
SSDEEP
49152:2CErthheABivIh1aY/7mECJCX1m13Uif0OBWXQ8TcdVoY4JExZ1noktkdWemIO4:2CmVzXhz/7mECJCX1ab/IA8uVP42LokY
-
SectopRAT payload
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-