General
Target: 9087ca9436643394f3e54dd8b2cd8ec6af4989a3fe38d0dc115b0f48609b9191
Size: 8.7MB
Sample: 211215-kvl5pahae3
MD5: 46446db5025338d618274213246f36e6
SHA1: 6d2c16d27bf52592d6596234b6396122b16f292e
SHA256: 9087ca9436643394f3e54dd8b2cd8ec6af4989a3fe38d0dc115b0f48609b9191
SHA512: 09b94d58bcfab59a6d7d85708f2da6ea571dbb714e5b50633ab49fb4532c9e016b0020bc81fb84861d22457b48f9c8391090443cfcb96f36c60a50fa0f741f1b
Static task
static1
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger