General
-
Target
AutoBuilderMacros.rar
-
Size
2.2MB
-
Sample
220812-f4ae2abfc6
-
MD5
1adc0a93928d298b77337b1ea35e83c6
-
SHA1
0923090c791d2f17893346e67d24ad8752b10196
-
SHA256
01694b6c877f773e0df39c43006b0adbfdd046b54c63d93f1be800573c856fe5
-
SHA512
4405a23de6332356a7760e0cf1a737cfb66cc0954d5c78e9dade07ec28de8ef5f0ffa43fd4fd24e2c1a2ec439b12e81a0ecee349ef4f169add5d1c8647b6201d
Malware Config
Targets
-
-
Target
AutoBuilderMacros/Macros.exe
-
Size
394.2MB
-
MD5
d7ea6fc680ee6587665f9d06cc7676dd
-
SHA1
4551f39fde4cf57b01a0b92b62338dfef66e2596
-
SHA256
295407c53ab70dcf85a28de7e14d82e5dd08a7544fb9169fd7c3ccc6797b70a5
-
SHA512
e79be59591180d5baee872b4298a694419bf52a192438bcdc5256f1081ac9bfb96d75fde589bc09180628360ef38587cfad236925026b8daa4e9531d0738b840
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-