General
-
Target
Insanity.exe
-
Size
8.8MB
-
Sample
240425-2aezbafh83
-
MD5
28fd4559b8992bd55474ebacefb3e3b9
-
SHA1
6e2cdc5ce622b4df10e476f59d55841a8f2fbd3a
-
SHA256
e2d0843263b93f1307eb631b78c58d85d9b88040c53c7188be2a8eb5cc71b940
-
SHA512
6d33b265ed468e0d2ac3180b73de8f35c4496b88eafbb381cb2dec61fc4459b2d8b4c1c8255ae62421a4a08aafe4138a601e51b8a63257d5e8703468876fa525
-
SSDEEP
196608:WtvmQqOmr1bFg9GLMwJlBYYKtLxqvgI7xPLsjK6frAOVQ5:We3t15gCMwJlBgttzndrvQ5
Behavioral task
behavioral1
Sample
Insanity.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
Insanity.exe
-
Size
8.8MB
-
MD5
28fd4559b8992bd55474ebacefb3e3b9
-
SHA1
6e2cdc5ce622b4df10e476f59d55841a8f2fbd3a
-
SHA256
e2d0843263b93f1307eb631b78c58d85d9b88040c53c7188be2a8eb5cc71b940
-
SHA512
6d33b265ed468e0d2ac3180b73de8f35c4496b88eafbb381cb2dec61fc4459b2d8b4c1c8255ae62421a4a08aafe4138a601e51b8a63257d5e8703468876fa525
-
SSDEEP
196608:WtvmQqOmr1bFg9GLMwJlBYYKtLxqvgI7xPLsjK6frAOVQ5:We3t15gCMwJlBgttzndrvQ5
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-