General
-
Target
c067cf39d43b39a560eca901609bc4d403f53f565d22370a0e9458b4e91a6824
-
Size
7.2MB
-
Sample
240411-swytwahe6s
-
MD5
e22f713ca51e6ac129ed8dab1bedb8a6
-
SHA1
61280be1fa0cee8c8148bdd167eb7176bb1df1b8
-
SHA256
c067cf39d43b39a560eca901609bc4d403f53f565d22370a0e9458b4e91a6824
-
SHA512
345bee45708ba133449dd8567ff41e9dfda48c6de4efa41d0c7c8e874767d39266ca7d5ee51e39e91eb19361d1f27b1b5a274576ea424cc6b89bcc517ab55636
-
SSDEEP
98304:IXdmLy0iwoX1QhDopTnV+2cn0z3WKsq+iUdFW+1PI5zXlA6+V3Vloy8vbJ:KS8tX1QhkpTnV+2cn0zGKh+ia+hXlf9
Behavioral task
behavioral1
Sample
c067cf39d43b39a560eca901609bc4d403f53f565d22370a0e9458b4e91a6824.exe
Resource
win7-20240215-en
Malware Config
Targets
-
-
Target
c067cf39d43b39a560eca901609bc4d403f53f565d22370a0e9458b4e91a6824
-
Modifies firewall policy service
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-