General
Target: Bitcoin_Brut.exe
Size: 38.6MB
Sample: 210704-whez3l71rj
MD5: f2aad3d0e55488278eeb40e261e98b44
SHA1: d0801b8ca7d2261d8eaecd2046f8849c63354c10
SHA256: 4f30d6482794122fd5cb4c486068c6855b55c4746ac2c0e5ebfe550343f82539
SHA512: 6c5d65ac4aa3d5dc851f6b3d92eb77ff7daca154a76c0daeb9a6c3e9cf4f7c07e33e119af5d0af111d09de7f9c8fc14dcedfe71926cb609299f98f807318f381
Static task
static1
Malware Config
Targets
Target
Bitcoin_Brut.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger