APP.exe.zip
5MB
210924-bad4xafdfr
APP.exe
5MB
Signatures
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  Description: BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Description: Detects Themida, an advanced Windows software protection system.
- Checks whether UAC is enabled