General
Target: f84d2af6ba8cf7bacc684fac666335b963632ce17775fa0bd7d25de9282cde01
Size: 3.0MB
Sample: 211218-dd5gdafbhk
MD5: fd73f81aa14d9ac2bed06703ddb406fc
SHA1: 71201a58ed4a950b3b5fb1f01c2a4826f9e98180
SHA256: f84d2af6ba8cf7bacc684fac666335b963632ce17775fa0bd7d25de9282cde01
SHA512: b0474899f93aa9d46090fb02c6ef1a8ce283a19be29f13eec70b32059752c50fed05aa507da83c20a9a580f941d9987bb9c93518fac8210c3bd6a0cf815bf407
Static task
static1
Malware Config
Targets
Target: f84d2af6ba8cf7bacc684fac666335b963632ce17775fa0bd7d25de9282cde01
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger