General
-
Target
f8e75a1d29c453ee93f1bbde915b98318ccab3856876063feba2611a66958b59
-
Size
8.7MB
-
Sample
241031-k397gswbjp
-
MD5
91b892a89c0d3b2a411c408b8757beb5
-
SHA1
3975cf3bb3d8300ee50da45b4ebc3702b9b60426
-
SHA256
f8e75a1d29c453ee93f1bbde915b98318ccab3856876063feba2611a66958b59
-
SHA512
065618c293a7597ee8ae7a39aeeee5e822eeda78142ae1e3417e3c8a6f0d80260ed3fa5c7baf1048cd619795f003d2856dd35c0bf0b30f5a06aa9f69ada0cf06
-
SSDEEP
196608:kddkya/qea8TijDILdvUQOZHlMTyBnRXyP:nyaS8TijD6MV7MTIK
Behavioral task
behavioral1
Sample
f8e75a1d29c453ee93f1bbde915b98318ccab3856876063feba2611a66958b59.exe
Resource
win7-20241010-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-