General
Target: client_64bit_3516.exe
Size: 3.8MB
Sample: 240412-tv7aasfb2x
MD5: b71c06fb816b70d4a289e857319ea898
SHA1: 5992b0ad9bb83432a0db281f01d4f8ea4d901f6d
SHA256: 80a7a0817f3ae2a97880a97074b62a3e90f1066ae51d76d5c709d7bd2dba0675
SHA512: 5f6ad57e4977ee25b4a9a86d27bd8bf23cab1e00bb56ea283a45d387c4eb3706518234a96a3dbd403e69d74bf439db13ea86a86b44db5ec8ebb2ddea173e62b0
SSDEEP: 98304:RT/RopJuXLGU293L6umGz9dNVpbgbB9jgig5TISD/rb6hABlD61D:RTapJuXLG16upRdNgdixzHj61D
Behavioral task: behavioral1
Sample: client_64bit_3516.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: client_64bit_3516.exe
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger