General
-
Target
Final_Exo.exe
-
Size
11.6MB
-
Sample
240422-1q75csgh34
-
MD5
95ca9ea4df718e942a9469809d4d3f0c
-
SHA1
3b10fcdad8200b06a819cce0ef2927e8ac2b41e4
-
SHA256
2bde57f6947faaf82ac15c44168284560b7b0f4178a17aaeb6ff7347528127eb
-
SHA512
085d634494aae323d7a632659aea6b4e61a77e7b5e960d7654b6e8dc1c32e9e2cac6c89535844b8011e3e1a5e5a027312eff03698226c2a206d436bcaa7e1cad
-
SSDEEP
196608:K2GXWNwlpIKEmpYg0nSKOfF8UNQfjzWdRlASRXUGTgT1LglvZkgrc:KFMdSQnSzmUNSjzlSRFKglhkgI
Behavioral task
behavioral1
Sample
Final_Exo.exe
Resource
win7-20240220-en
Malware Config
Targets
-
Looks for VirtualBox Guest Additions in registry
-
Looks for VMWare Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-