General
Target: 082dd397e5941bee9bbafdb3eaf95d2b042e442105178f676fa28edd6ecbfd29
Size: 4.5MB
Sample: 240525-llkqyacg4x
MD5: f5b8df75e1a03059ad63447c880eb0dd
SHA1: 1a83532ceccd3ed9ad7179305ea32e54734dd17a
SHA256: 082dd397e5941bee9bbafdb3eaf95d2b042e442105178f676fa28edd6ecbfd29
SHA512: f253d172e7cba0c86234aea0dfcb32a7dfc5540971b6f47c6dd12f9774a67958c8598b08b2790c4d577b1ac5111a9143dd6e9ac3d344b946737d35a778b36b0b
SSDEEP: 98304:4HBZetwxMPUUI4lJHIZr5QvV4zthROYob8gmcKDYKiI:AZetwxMPUUI4HHIPQvV4zs8/cyY
Behavioral task
behavioral1
Sample: 082dd397e5941bee9bbafdb3eaf95d2b042e442105178f676fa28edd6ecbfd29.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-