General
Target: cod_cleaner.exe
Size: 65.0MB
Sample: 240701-13877awhnk
MD5: b02f9d858cf06c00659de989a74b412e
SHA1: a457733c9671f1878998d2209db18feb5f292a23
SHA256: 3c4079da1427fcb4a5c5fd80cfaeb0bbe3dced310f1ff2fdc35bdbefdb4d06e7
SHA512: be5ad57a29a20c8b7a05b6591892caee7fc431b81e7f1005408d0398ec44913698cc8b20eef7ef854b353d744036da951e2217523d512c00d1d1bd64bdcd401d
SSDEEP: 786432:HFMHiy8GmXh80mWvJLTDgDLS/U0CijKeubcZw1pH:lMHiXLNDG0xw1l
Static task
static1
Malware Config
Targets
Target
cod_cleaner.exe
- Modifies Windows Firewall
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger