General
Target: e243074c3f3825582e9f4039aecbdcf0N.exe
Size: 7.5MB
Sample: 240825-shhkqssbqn
MD5: e243074c3f3825582e9f4039aecbdcf0
SHA1: bb662a5bc555d3a558a9c8f853d5a86c4ae8ce68
SHA256: 7cdf0d45dd4e81626b1807626f45f191494d1bde26641909b9a9dd4e5f0e4156
SHA512: 3965735d47f2be25ac48f78abfd0a9e27460bdbf499986f170fb2a3498f828a6d21302f71708a9e7a56fe3d3671330b462cfbe36738f5e4c53ab9243ee953562
SSDEEP: 98304:l1Z6Fgfnd43cPOvp/5ggnoKs7yUzzlLQQNE7zWSzF6NUbA9mCpGDQpuVPvx5ctOx:ln6FuTa1TnUPlLQQNArLbA48GDuuN
Behavioral task
behavioral1
Sample: e243074c3f3825582e9f4039aecbdcf0N.exe
Resource: win7-20240704-en
Malware Config
Targets
Target: e243074c3f3825582e9f4039aecbdcf0N.exe
SectopRAT payload
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger