General
-
Target
d87912fecbca0d2cb4bde5b645f3e9fa6f74ad10b3f1504e1a58b449921baa6f
-
Size
3.2MB
-
Sample
220817-lhyhmadfhr
-
MD5
58ae8f70d1057d1833c2b7366371ea94
-
SHA1
dbfec38f745b0e1e23f7ead03f332118e835efae
-
SHA256
d87912fecbca0d2cb4bde5b645f3e9fa6f74ad10b3f1504e1a58b449921baa6f
-
SHA512
222d833fd3998474300723367ec86268ed86d4f0fc689c4d78609b5abaada4f5e34d2500b8edd1adf4e79cca69f4b42abc20204df85460de1b6dde95b1d282ae
-
SSDEEP
98304:wzrkBzg6P9oaHWPiU2LUhPDtszh6TcLkdX:kqzgGHOiaPD40X
Malware Config
Targets
-
-
Target
d87912fecbca0d2cb4bde5b645f3e9fa6f74ad10b3f1504e1a58b449921baa6f
-
Size
3.2MB
-
MD5
58ae8f70d1057d1833c2b7366371ea94
-
SHA1
dbfec38f745b0e1e23f7ead03f332118e835efae
-
SHA256
d87912fecbca0d2cb4bde5b645f3e9fa6f74ad10b3f1504e1a58b449921baa6f
-
SHA512
222d833fd3998474300723367ec86268ed86d4f0fc689c4d78609b5abaada4f5e34d2500b8edd1adf4e79cca69f4b42abc20204df85460de1b6dde95b1d282ae
-
SSDEEP
98304:wzrkBzg6P9oaHWPiU2LUhPDtszh6TcLkdX:kqzgGHOiaPD40X
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-