General
Target: Woofer_-_Hwid.exe
Size: 5.5MB
Sample: 240428-l78d5adc82
MD5: 44c3f668cf002c241a9121b72139b42d
SHA1: 0356cce54d3711191e32b150cfbc1367c335af01
SHA256: e6e800ea66bfe325aa61ab5c06b60dbce4a7d109c3f6d8f8a62cb693166e3763
SHA512: ef2e4759e2a098a711b3a682266029311b1bb6fd460ecec46fa234ddbc661ecc25c1f486e40cbeaaac6e5ed7af092fe8fbe8a6eb431c8e2866425cb7ffc6086f
SSDEEP: 98304:Fb2rcboUGIj6JWBEQCNy5UuI4EPGEbHDoQb0IoB95uxiPhbQGWqCAv:/boUGzmwNya4B4MQb9owAVWr2
Behavioral task: behavioral1
Sample: Woofer_-_Hwid.exe
Resource: win7-20240220-en
Malware Config
Targets
Target: Woofer_-_Hwid.exe
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger