General
Target: CL_Installer_protected.exe
Size: 4.7MB
Sample: 240622-pyl2baycrd
MD5: 3aa4277897f9d555fbd3bc184727287d
SHA1: 748fb910c560f1462189236fd731b7a98c5a9242
SHA256: 7dd637c7e0728ed077ed7dbab8186cec5164150a9c82e7cc53e0fb63536a27c1
SHA512: 617c81f7b239af3888806200fb546e99e3b6fb3b1cef695a3007cff45e63937b1490f7e39690617030e49c087ce827253ab23d3adbea1dadf7d7db15728ea09e
SSDEEP: 98304:9hasxuRbNIrSFuwbg1veebOM0TBd0I0agEFNYBMDk7H0FyH:jdQbMog4hqvRW7o7Hm2
Behavioral task: behavioral1
Sample: CL_Installer_protected.exe
Resource: win7-20240508-en
Malware Config
Targets
Target: CL_Installer_protected.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger