General
Target: pbD7aWYbGkpZ53YnplcUNmTQs.exe
Size: 5.0MB
Sample: 240617-se96ksyekp
MD5: e250629a4db5371dd091b93f15930d97
SHA1: 6ab64feeabe97de0837847df5273163de6f77842
SHA256: 9403f39154f5971a1fd8f9880845e34a58d09f48dccd02016a19b1b21c96fded
SHA512: e4c00c54fddf22d0895ca5f0d94524a6463c6cf04fe519b9384bc678af48a2d695911fa505bbd8475b69fde529ad1a96559e5b611eaece7b3b3c875ea6db2eaa
SSDEEP: 98304:dWG/fJz6NAFM8K+y8z4Q0zK4XXiMRv5RMARHK6IaulxLBol5fP:dWG/fJze+M81yc4QT4n3RBRnsjBKfP
Behavioral task
behavioral1
Sample: pbD7aWYbGkpZ53YnplcUNmTQs.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
-
-
Target
pbD7aWYbGkpZ53YnplcUNmTQs.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-