General
-
Target
d10d8b324e9025b0e7da6553b0fc2f77da8e1b7c4f5102799d49c11ad960e08b
-
Size
5.3MB
-
Sample
250111-bk1ewsypcn
-
MD5
9c8d1ede5528039e18c96b05cee29363
-
SHA1
8fc90de490078029f5328c92093153220217348a
-
SHA256
d10d8b324e9025b0e7da6553b0fc2f77da8e1b7c4f5102799d49c11ad960e08b
-
SHA512
6595bb85a9ae9b3c9c02328227def8be9b56ad7e8f47dc150ae8d872488e92efe03b0ab4f002a5b38602eeb6bbffcd568b8da97e8141ae4898a4b24fab783933
-
SSDEEP
98304:SBNN/N91h2eDZQjL7sU8I5DKBWoClkRGJewd8Y3evBQ9LtYVrEx3/o6ETgKbWyu:e9GeDVI5DKBWZlkgJedYs6LtYdEhqTgY
Behavioral task
behavioral1
Sample
d10d8b324e9025b0e7da6553b0fc2f77da8e1b7c4f5102799d49c11ad960e08b.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
d10d8b324e9025b0e7da6553b0fc2f77da8e1b7c4f5102799d49c11ad960e08b
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-