General
-
Target
699b5cbdb04c84f15094d59929b94bcac1b615e726928679cd5c5bfde8b41733
-
Size
10.9MB
-
Sample
240522-e25ygsca58
-
MD5
9db421b3268349238e51c91c6c201f48
-
SHA1
4f073f55089c4b0656a749533dcc58bbefa3d950
-
SHA256
699b5cbdb04c84f15094d59929b94bcac1b615e726928679cd5c5bfde8b41733
-
SHA512
7f963ab690640bef60e6f4d7daa16d791244497bb8d8c4a2701eeb81fef93374b3b9a4876cb1f1cd2c1fece632f8f48286ee932159fe8c9757c6e1c74d0a596d
-
SSDEEP
196608:chUC3fTTEi1xkEqJRDwcitpspw064ijZDOBDI/L72PLfVwe09oYA17/n5:chUs/cDwDs85jZgEHaee0hCr
Static task
static1
Behavioral task
behavioral1
Sample
699b5cbdb04c84f15094d59929b94bcac1b615e726928679cd5c5bfde8b41733.exe
Resource
win7-20231129-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger