General
-
Target
8eb3a2b0c546da0b5c595cbbba207db7f990b3726075ea45f7decf57b863f5bb.exe
-
Size
28.4MB
-
Sample
240615-b9762avfkd
-
MD5
f3c5a2f7998dda93df0ffce490040183
-
SHA1
cb6555cff3334f9415c542496de591a95c6ac325
-
SHA256
8eb3a2b0c546da0b5c595cbbba207db7f990b3726075ea45f7decf57b863f5bb
-
SHA512
8a7d8dc45f1d9a525082bc97cb5fea87de07f22554825a613f0ea0f311eae702e4b2286a11af67d7d5273bc4d844f5bef25c64b4ae4793777c1383276e31b560
-
SSDEEP
393216:ABXfXgSZvx+hS9yZC7g8eQkmIGWyYFNLF/H0ef91mAHj16obsHQlKfjDUcC0K/Zg:AlQavMw9yZOfgc8pfr/sHjUx7VqXu4l
Behavioral task
behavioral1
Sample
8eb3a2b0c546da0b5c595cbbba207db7f990b3726075ea45f7decf57b863f5bb.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Detects executables packed with Themida
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-