General
-
Target
modest-menu.exe
-
Size
8.2MB
-
Sample
241031-z126estdjb
-
MD5
1c7c9105edb1977f683f870ae5f23013
-
SHA1
cc3ddad3a8105c9f4720a5f7abeb90a7ba89341e
-
SHA256
d4b531d4e32875c7de26018ed07347a9520893ae4ef8a55e9ddf510cbbced5a0
-
SHA512
7d5c2e0a714dd4de6dbfed4c3b818ac26e1cc3f211ff1af02503c064eeffef33506dfc6f9f2d4f0b27b9929b6141632769a8451849d1e7c9d07915e85a1afe33
-
SSDEEP
196608:0miuyn5ePOT7ayAED/POi+sPy/+9ZxDmiC3SPQe:0bePoW5CPX+2k3Sh
Behavioral task
behavioral1
Sample
modest-menu.exe
Resource
win7-20240708-en
Malware Config
Targets
-
Target
modest-menu.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-