General
Target: 9eee48b40ab94d4468603dd54fde7581308a79137e50c8ba03c4d483202e1bf3
Size: 2.5MB
Sample: 210926-px7lmaehc3
MD5: 1fae35c24b8df0d0f6713689e1ea1a20
SHA1: 7f9d224e04d890eecfea5e79cbd4c4f89697f820
SHA256: 9eee48b40ab94d4468603dd54fde7581308a79137e50c8ba03c4d483202e1bf3
SHA512: 3abbfdedf618cc85d8e675237f955d1b6cc3cb834aed29dfc2db7bc35f6762a370102cc6d233ad97d25cb6db2db75ed4d774c2a9c456316801156ce3b8d69f02
Static task: static1
Malware Config
Targets
Target: 9eee48b40ab94d4468603dd54fde7581308a79137e50c8ba03c4d483202e1bf3
Size: 2.5MB
MD5: 1fae35c24b8df0d0f6713689e1ea1a20
SHA1: 7f9d224e04d890eecfea5e79cbd4c4f89697f820
SHA256: 9eee48b40ab94d4468603dd54fde7581308a79137e50c8ba03c4d483202e1bf3
SHA512: 3abbfdedf618cc85d8e675237f955d1b6cc3cb834aed29dfc2db7bc35f6762a370102cc6d233ad97d25cb6db2db75ed4d774c2a9c456316801156ce3b8d69f02
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger