General
Target: SecuriteInfo.com.BScope.Trojan.Fuerboos.2678
Size: 3.4MB
Sample: 201109-brkn3lne2a
MD5: ca34ecc57bbde323ee50484654a0964b
SHA1: 419b3bd758d1226b25e54b1bbfc679b5ede0c56b
SHA256: d1eb54cb3aa9ba1fc585cf676c4a814b11786b962da1b1959768794d281084ab
SHA512: 20eb4460bbaef8236c70e26ad58b70e9b4ce7202f18c234e5d4b52cb1577c32c134e8453c73bffd0156b28d129137eddcf7eac6abd428cb77302b4bb1a4d29cd
Behavioral task: behavioral1
Sample: SecuriteInfo.com.BScope.Trojan.Fuerboos.2678.exe
Resource: win7v20201028
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger