General
-
Target
f47bc123831a1855a959fbf51b4138683af7bbbde13ad9f164594d2aa6516791.bin
-
Size
7.1MB
-
Sample
210919-n3gfysefar
-
MD5
473b4e622b982a92cba1ba8afcda8273
-
SHA1
9a7a192b67895f63f1afdf5adf7ba2d195a17d80
-
SHA256
f47bc123831a1855a959fbf51b4138683af7bbbde13ad9f164594d2aa6516791
-
SHA512
bd437fa921c6e2c74d8c8aacc94daf2a560f90ad0fde54004902eb55b009bd705aa9e58e27e49e16f32f962302363e7991af59ba212be0f438909dc5be6032b0
Malware Config
Targets
-
-
Target
f47bc123831a1855a959fbf51b4138683af7bbbde13ad9f164594d2aa6516791.bin
-
Size
7.1MB
-
MD5
473b4e622b982a92cba1ba8afcda8273
-
SHA1
9a7a192b67895f63f1afdf5adf7ba2d195a17d80
-
SHA256
f47bc123831a1855a959fbf51b4138683af7bbbde13ad9f164594d2aa6516791
-
SHA512
bd437fa921c6e2c74d8c8aacc94daf2a560f90ad0fde54004902eb55b009bd705aa9e58e27e49e16f32f962302363e7991af59ba212be0f438909dc5be6032b0
Score10/10-
Detect Numando Payload
-
Numando
Numando is a banking trojan/backdoor targeting Latin America which uses Youtube and Pastebin for C2 communications.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-