General
-
Target
VC_redist.x64.exe
-
Size
3.3MB
-
Sample
240611-thysdssfle
-
MD5
1fcd2cb3a0dca30e936a1e1e94a731a8
-
SHA1
f2f35ebd45e268cab7e45f72df2cc8a6ceb4e2a3
-
SHA256
dbe3204db121592433ec888fb34e842f8e81e3534ac907aba1876a16bc8bfac5
-
SHA512
9beb82f8f25abf3e5f97f70d30dd767f2be043790bf43fd266ed6d96e079284bc4c645dc2a9d353a02a5ecf77491fe648258e578b88b53988ff3628d50a18a1f
-
SSDEEP
98304:rEmjqVz8WFanFeGwwxprUOvH3xFByH2Mc6+6MCb2UGG:rDjQ8WFCcGwS1HONcR6MtUGG
Behavioral task
behavioral1
Sample
VC_redist.x64.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
VC_redist.x64.exe
-
Size
3.3MB
-
MD5
1fcd2cb3a0dca30e936a1e1e94a731a8
-
SHA1
f2f35ebd45e268cab7e45f72df2cc8a6ceb4e2a3
-
SHA256
dbe3204db121592433ec888fb34e842f8e81e3534ac907aba1876a16bc8bfac5
-
SHA512
9beb82f8f25abf3e5f97f70d30dd767f2be043790bf43fd266ed6d96e079284bc4c645dc2a9d353a02a5ecf77491fe648258e578b88b53988ff3628d50a18a1f
-
SSDEEP
98304:rEmjqVz8WFanFeGwwxprUOvH3xFByH2Mc6+6MCb2UGG:rDjQ8WFCcGwS1HONcR6MtUGG
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-