General
-
Target
9c7e29c721b9524b371ff62ebf92d4e38abbd2a3c5d05715e2add153aed4c221
-
Size
4.8MB
-
Sample
220808-nwtgyacde9
-
MD5
4fc82b5e28a7265ee93c3e7c5ea6de8b
-
SHA1
fc24012a44abaeea5c7fcf3c67da7c480ab6b7ce
-
SHA256
9c7e29c721b9524b371ff62ebf92d4e38abbd2a3c5d05715e2add153aed4c221
-
SHA512
8b7d2d2d6bdcf5404d17196c124c615cc3283b3d4ea1d6ebc4dd7ad294667e39b3202fc538ed74f70561d6983ac3d9e9c8a09967d250b59eaf13de38285c3a76
Malware Config
Targets
-
-
Target
9c7e29c721b9524b371ff62ebf92d4e38abbd2a3c5d05715e2add153aed4c221
-
Size
4.8MB
-
MD5
4fc82b5e28a7265ee93c3e7c5ea6de8b
-
SHA1
fc24012a44abaeea5c7fcf3c67da7c480ab6b7ce
-
SHA256
9c7e29c721b9524b371ff62ebf92d4e38abbd2a3c5d05715e2add153aed4c221
-
SHA512
8b7d2d2d6bdcf5404d17196c124c615cc3283b3d4ea1d6ebc4dd7ad294667e39b3202fc538ed74f70561d6983ac3d9e9c8a09967d250b59eaf13de38285c3a76
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-