General
- Target: Setup.exe
- Size: 5.3MB
- Sample: 240411-ye5hzsee3x
- MD5: f8842eb19e08fabccc6b44e3d486f421
- SHA1: b385bfa4fc281209226573e5ff30cb054ef8fded
- SHA256: 52bc27b219b3048e1dadf4f673281ced218a0ff023bea21f9d4fd09156bdf24d
- SHA512: ec1aa745908a98b65e36213ece61fe0d488196e2a3135cee8937f3e3c7d6268ad040fff81b9ad961325e41012654bb5c41ffc92c95b9068bf0c9b44a2f86ca01
- SSDEEP: 98304:hLvMDe7SkB8nRHA3UYazCf/NH9ahq/yVlhs4VfSJXtHpivPrYGNgR2:hLvMOSkmnR+dazCf/NdyZNrqnePrfNgw
Behavioral task: behavioral1
- Sample: Setup.exe
- Resource: win7-20240221-en
Malware Config
Targets
- Target: Setup.exe (5.3MB; hashes identical to the General section above)
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- AutoIT Executable: AutoIT scripts compiled to PE executables.
- Suspicious use of NtSetInformationThreadHideFromDebugger