General
-
Target
a31704b97b9063b53a92e52a863a5f38.bin
-
Size
16.6MB
-
Sample
240630-dqplpawgkn
-
MD5
a31704b97b9063b53a92e52a863a5f38
-
SHA1
23523278ce76e055ffd72dfd86b3592fe2691803
-
SHA256
efe0d0ce065bda3c1632b384a4e9391cdda0bbb98523ca738b6901d89086c41e
-
SHA512
45bbe191d2b8c601d97e2bbcd78ba5824e87e3a7d1b8e79346dbc0f03ed8508a4c6582145dfa962cd1873931541c76097212ef18ab87555ce4a019d6f98f995a
-
SSDEEP
393216:W3ANyM9vg50Pc/VBemZMtL+0KQl/CAUrXtiIp69sj//IjEzU2MO7/h:QANyhCPctBPZ6L+lQl/6rXtiIpqS/Hp5
Behavioral task
behavioral1
Sample
a31704b97b9063b53a92e52a863a5f38.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-