General
-
Target
fc4636fad3407adafdd1c354be765cb8
-
Size
4.0MB
-
Sample
220815-eq79gagha5
-
MD5
fc4636fad3407adafdd1c354be765cb8
-
SHA1
d03c44676a35c6d8b66a9980620369801c487fc1
-
SHA256
798a73227869f741dfef2febcb8180d71d1748a8f8002097d72f2af0bdad753d
-
SHA512
df311df357788daab81d3ee40eac392e73da0f406bb11b441c85da04ce2ef2fa1692cea13e318e267594324e8200409206f675a56407e3c7167b8d40b67c2774
Malware Config
Targets
-
-
Target
fc4636fad3407adafdd1c354be765cb8
-
Size
4.0MB
-
MD5
fc4636fad3407adafdd1c354be765cb8
-
SHA1
d03c44676a35c6d8b66a9980620369801c487fc1
-
SHA256
798a73227869f741dfef2febcb8180d71d1748a8f8002097d72f2af0bdad753d
-
SHA512
df311df357788daab81d3ee40eac392e73da0f406bb11b441c85da04ce2ef2fa1692cea13e318e267594324e8200409206f675a56407e3c7167b8d40b67c2774
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-