General
-
Target
Noise0.7.dll
-
Size
3.3MB
-
Sample
220719-tjx79agafp
-
MD5
378197c56015e77e7d352d42c6e3ff92
-
SHA1
892e8a4c5dabfe66fed5b93fccb3efaeae189000
-
SHA256
38e0c53471ba0fe3cb57b489faa5a421765b72c9b557fed198a5775d95067b67
-
SHA512
2a866c02dfba92adf8fee071757b8b4a3c798164406482475ebf5bc974bf042ee2ac184e090c6d74e22dbde5a5b2a01aa0d66b95216810f00c8f4867e5e30d27
Malware Config
Targets
-
-
Target
Noise0.7.dll
-
Size
3.3MB
-
MD5
378197c56015e77e7d352d42c6e3ff92
-
SHA1
892e8a4c5dabfe66fed5b93fccb3efaeae189000
-
SHA256
38e0c53471ba0fe3cb57b489faa5a421765b72c9b557fed198a5775d95067b67
-
SHA512
2a866c02dfba92adf8fee071757b8b4a3c798164406482475ebf5bc974bf042ee2ac184e090c6d74e22dbde5a5b2a01aa0d66b95216810f00c8f4867e5e30d27
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-