General
-
Target
File.exe
-
Size
399.1MB
-
Sample
220802-cqfhcaeff3
-
MD5
da68a47812b9fc6d8f58bc98503c55f9
-
SHA1
22f68cb818335552220eea6a38498f4688c7ea0a
-
SHA256
1d7c6b200ac9d76d30f825ecbdc9be885ce7698cef93c39f1fa2753eead4389b
-
SHA512
ee8535fa38381942124851abc10ebbef9e29fcee7f65b6709c21348cc4c7bc88ae71adf2ef5715796a5cdc02e62809fc67565ce72b112373033008bfb73ea713
Malware Config
Targets
-
-
Target
File.exe
-
Size
399.1MB
-
MD5
da68a47812b9fc6d8f58bc98503c55f9
-
SHA1
22f68cb818335552220eea6a38498f4688c7ea0a
-
SHA256
1d7c6b200ac9d76d30f825ecbdc9be885ce7698cef93c39f1fa2753eead4389b
-
SHA512
ee8535fa38381942124851abc10ebbef9e29fcee7f65b6709c21348cc4c7bc88ae71adf2ef5715796a5cdc02e62809fc67565ce72b112373033008bfb73ea713
Score10/10-
PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-