General
Target: 65e6f66f1d642977aeea3ad689f91fe24496907e90f7842c5dd0ce5c2ae8a28f
Size: 8.9MB
Sample: 211219-mbdejsgbb2
MD5: 59f099c8c5ab999d21efdec931b40060
SHA1: 337fc8dd6cab8c77aa9dfa42640bc14230fa665a
SHA256: 65e6f66f1d642977aeea3ad689f91fe24496907e90f7842c5dd0ce5c2ae8a28f
SHA512: 4dd42bf8a06258e0ffd2fa5b3eb9c6d906f80453037d8efd128abed6934ed1f3a975a791c8d4b40fbf1ed5b99897c9e1330863039adbddaaf52ca4f0d8ba6750
Static task
static1
Malware Config
Targets
Target
65e6f66f1d642977aeea3ad689f91fe24496907e90f7842c5dd0ce5c2ae8a28f
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger