General
Target: 812896479e7bab5a8d0722082b443140a4c509e9a7d7c54fc8a791889222bb6f
Size: 9.7MB
Sample: 240522-ty3raahb71
MD5: df001339cece4f98b447a0017f20037d
SHA1: 11f7294afaf3ccdf17b9cad314ebafdb213b9960
SHA256: 812896479e7bab5a8d0722082b443140a4c509e9a7d7c54fc8a791889222bb6f
SHA512: d71212b33848126acd6224c944c405a9d4d2d5d88ac405067b40a3e2d01ebc086aabb90d1e200b46f4c9b4fb401fb2e386bab26ab84cc1ce7ab84cc75c712137
SSDEEP: 196608:38rwcLzQvcmzwnj0NwD0mAJWHfg/RDe+Ye4d/e2xlKA0Erf:3LqzQRcj7Aqfg/Be1e4d20SEr
Behavioral task: behavioral1
Sample: 812896479e7bab5a8d0722082b443140a4c509e9a7d7c54fc8a791889222bb6f.exe
Resource: win7-20231129-en
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Loads dropped DLL

Suspicious use of NtSetInformationThreadHideFromDebugger