General
-
Target
dddb44095497c8f36cc8b4f04349762c9edc85e6e7cffbbd061db7aff72275de
-
Size
8.9MB
-
Sample
220104-j8tk9afhg4
-
MD5
304300c617bcce8842884d3ce8aac89f
-
SHA1
d507e6528a31d61c8e4c5901525473899312a9d9
-
SHA256
dddb44095497c8f36cc8b4f04349762c9edc85e6e7cffbbd061db7aff72275de
-
SHA512
8eaac0160f9093bc35a1c7895d7964c1eb3ca773d4b15ba487102e228778c78a263dbfc5dbc5f5853a258c157c54dfe461c06d9b07638d925ca6e7c5b51f41f2
Static task
static1
Malware Config
Targets
-
Target
dddb44095497c8f36cc8b4f04349762c9edc85e6e7cffbbd061db7aff72275de
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-