General
- Target: Chaos Launcher V3.exe
- Size: 11.6MB
- Sample: 240425-vaa7ssch43
- MD5: 79dc609ecbdb99dbf1a1ac7c000f359a
- SHA1: 15f976701f485e72152cc3c46b5dca7031d8d096
- SHA256: 59ac5a002c49f7c18a8cbd7513e1bddcef8cd52a876c8a3dc7d19c24dc9aac1b
- SHA512: 96b74056abf640bce4fed87d6203da9a114487a7442a8af9f6fec25f1d269c33917356719dad5bb3e9c7c96d6274cc5ba641f844414b545db4814ca52f439999
- SSDEEP: 196608:QwKFg4oGJPM0OR5ToGI4ggGo9EaNuK/EcKak58wQMuHdoMRc8YFHLgZql+xVUH:lKg5GhMDR50p1IzRE8wxuHdhRpgHLgZM
Behavioral task: behavioral1
- Sample: Chaos Launcher V3.exe
- Resource: win7-20240220-en
Malware Config
Targets
- Target: Chaos Launcher V3.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger