General
Target: hckiurcorx.uuh
Size: 7.7MB
Sample: 220803-18g1wsghgq
MD5: aec4f489c61ed3b5d91471d3f9193afc
SHA1: af328f319c1c957cbbe3dfdf59f0b8431b2c1a8b
SHA256: 5cc29ce11d270c27e946ecc3bcd6b86123746e9c23f8cb41f6ea7e524d367c87
SHA512: 5cf8c7b5837c663d30f7501e4ed67c8b72cfef98dfb92558ad40565b27145088f26cc5a5243dcf3bd6c2911e2dabf8140335e79e25e26eaa1ce42e462017b2bc
Behavioral task: behavioral1
Sample: hckiurcorx.dll
Resource: win7-20220715-en
Malware Config
Targets
Target: hckiurcorx.uuh
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger