General
-
Target
58b61b01f847a6699c6fc76d5d422441
-
Size
5.6MB
-
Sample
240113-mpqxsshdd6
-
MD5
58b61b01f847a6699c6fc76d5d422441
-
SHA1
05e2902da549bcdcd482b6c1386989a940f78a98
-
SHA256
04c0bea905c97c8a483cc2733d6ceb96fa1b1733b35001492ad33247f5abb173
-
SHA512
e7f8ae918e7bb027fb269e1b0dd22ec532d1de3c84d64abd771c5a110e0b7c30488ab9303953e054f72c5837af7cd6b635e14b5f91cd1f0a52304f28d717155d
-
SSDEEP
98304:ORSObst7OWQkAhLMZZgwwpEonHb3I37GbJx9XYGrzFsZf+KDX1AHciZF16AzghYX:Otgtb9AVvfTn7G6JH/Ou11o6
Behavioral task
behavioral1
Sample
58b61b01f847a6699c6fc76d5d422441.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
58b61b01f847a6699c6fc76d5d422441
-
Size
5.6MB
-
MD5
58b61b01f847a6699c6fc76d5d422441
-
SHA1
05e2902da549bcdcd482b6c1386989a940f78a98
-
SHA256
04c0bea905c97c8a483cc2733d6ceb96fa1b1733b35001492ad33247f5abb173
-
SHA512
e7f8ae918e7bb027fb269e1b0dd22ec532d1de3c84d64abd771c5a110e0b7c30488ab9303953e054f72c5837af7cd6b635e14b5f91cd1f0a52304f28d717155d
-
SSDEEP
98304:ORSObst7OWQkAhLMZZgwwpEonHb3I37GbJx9XYGrzFsZf+KDX1AHciZF16AzghYX:Otgtb9AVvfTn7G6JH/Ou11o6
-
SectopRAT payload
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-