General
-
Target
4867822a4f3b6a5863c1a3e407ca09aae29fed5be1e4fb6bdce6f25432d329dc.zip
-
Size
4.7MB
-
Sample
220802-q7bsdafee7
-
MD5
d8a8eadbca999c4107f5cd7631c2f82e
-
SHA1
d84eb1cff0a48453c2f989668535e5ad0cfb8fcd
-
SHA256
29c562281ab68f2f7861057de64ebf548038ce084cc878f676cf86b200a1dd91
-
SHA512
d2d3208763a8d64b8c2775e2ecd6e46dd09b9282b973264e0ddcea08055b8f639118e4f1809921177c29037e4e947421d659417d088cc3f1ed462efb982e00b4
Malware Config
Targets
-
-
Target
4867822a4f3b6a5863c1a3e407ca09aae29fed5be1e4fb6bdce6f25432d329dc.exe
-
Size
5.9MB
-
MD5
e708e555e05c3d53a782200991a1984b
-
SHA1
419a0fcccea429405631bb93d223a3319fb3fcee
-
SHA256
4867822a4f3b6a5863c1a3e407ca09aae29fed5be1e4fb6bdce6f25432d329dc
-
SHA512
c74fe985e1fe6f6ad160bc6c58822e312d00308064c18f8e97ce497ed20f178e60ea854445b4a27ea4a4624045df5a76ae773b41443929cd98638fd2be5021e8
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-