General
Target: 4f8f280ae5dbb931d0b79cba30b912698831dd17b7cf146348642ecbcf90eeae
Size: 8.6MB
Sample: 240522-qmkjsach9z
MD5: bcb0efeb03ab1b4d32d6043f7a223719
SHA1: c5933dcb5d2b4510dc2b61650fd544073da19f88
SHA256: 4f8f280ae5dbb931d0b79cba30b912698831dd17b7cf146348642ecbcf90eeae
SHA512: e6aa13e4ea95f21b477b802cc97d4bbfb2f6a908482cdfe08095df2cf83799827335f7fa920ab56016c08c9e849739ac2ce81b4285f4cc68929fff2e33023b4d
SSDEEP: 196608:VCO0Bg8tEXBAw4ov3Vhqx3nChywSH9QBOltYDKzwHTK7lHXxv:Vn0BlwBj4ov3VoyhywsaKE+7lH
Behavioral task: behavioral1
Sample: 4f8f280ae5dbb931d0b79cba30b912698831dd17b7cf146348642ecbcf90eeae.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: 4f8f280ae5dbb931d0b79cba30b912698831dd17b7cf146348642ecbcf90eeae
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-