General
-
Target
Nightmare Booter (DDos) [IP Stresser] (1).exe
-
Size
42KB
-
Sample
211022-azma5sbaa7
-
MD5
b28c8b50fda9f355c2d97cac7a9b13b9
-
SHA1
cff75e49e2f567ee9e890cc5c203e1c3549945aa
-
SHA256
926755cc31c239edc78b3ef4aa3b3cc64fbe7209d907f9d1cdaa4b560662adfc
-
SHA512
412a5fdecde6ed98e5c4c0e5a8347845807d816215b2db682edfbcdbd5a266b4fe8c3db1459b2e3121f1d48aca577825581444e8baf89ded83f6add33c6eabc4
Malware Config
Targets
-
-
Target
Nightmare Booter (DDos) [IP Stresser] (1).exe
-
Size
42KB
-
MD5
b28c8b50fda9f355c2d97cac7a9b13b9
-
SHA1
cff75e49e2f567ee9e890cc5c203e1c3549945aa
-
SHA256
926755cc31c239edc78b3ef4aa3b3cc64fbe7209d907f9d1cdaa4b560662adfc
-
SHA512
412a5fdecde6ed98e5c4c0e5a8347845807d816215b2db682edfbcdbd5a266b4fe8c3db1459b2e3121f1d48aca577825581444e8baf89ded83f6add33c6eabc4
Score9/10-
Looks for VirtualBox Guest Additions in registry
-
Looks for VMWare Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-