General
-
Target
mi_855 865 870_bypass.exe
-
Size
5.2MB
-
Sample
240630-pvh59axhjf
-
MD5
f93efd608096df31865b2dfd709bc312
-
SHA1
23335dbdad1df85352f5b0f79756fc8696d46393
-
SHA256
3e42544d302e1b8860d25ed1fc55050d8cdc8584c444e6a470de1c4f8d60739c
-
SHA512
b680c7e4e9fb1390dfc9fe642e1ebb6f25311ff13109b85424ac8022cd8b415b66dfcf1a8afe15d49916591d87951716b2e6becd4362f9ee96a3722a4d1b1de2
-
SSDEEP
98304:MaZWTd4PR3z5Q6iV9E+bTdbrZU8b+tlcdx+00lOfnmpf+M1i2e2v9zdcLR/:MaZWx4P15FiVmudbFdb8xBYUe2lBcLR
Behavioral task
behavioral1
Sample
mi_855 865 870_bypass.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
mi_855 865 870_bypass.exe
-
Size
5.2MB
-
MD5
f93efd608096df31865b2dfd709bc312
-
SHA1
23335dbdad1df85352f5b0f79756fc8696d46393
-
SHA256
3e42544d302e1b8860d25ed1fc55050d8cdc8584c444e6a470de1c4f8d60739c
-
SHA512
b680c7e4e9fb1390dfc9fe642e1ebb6f25311ff13109b85424ac8022cd8b415b66dfcf1a8afe15d49916591d87951716b2e6becd4362f9ee96a3722a4d1b1de2
-
SSDEEP
98304:MaZWTd4PR3z5Q6iV9E+bTdbrZU8b+tlcdx+00lOfnmpf+M1i2e2v9zdcLR/:MaZWx4P15FiVmudbFdb8xBYUe2lBcLR
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-