General
-
Target
8cb5b0abe8009791bf8969932f607bf84e53eaf9d1fff13a558306e19902ef71
-
Size
3.8MB
-
Sample
221011-r6ecjsadc7
-
MD5
223eba922c27f7797407e8f2f8619467
-
SHA1
a431a61e7e1948148cb778d3156a366b7aafeb9d
-
SHA256
8cb5b0abe8009791bf8969932f607bf84e53eaf9d1fff13a558306e19902ef71
-
SHA512
92473c26276c423dce633d54ce6e4b17910d78257e3ae82a37841cbc6dbffe7c86d6acba220f941016575ca8a2cdadc5483531acfd4cd4a5bcf0f46b665de3c6
-
SSDEEP
98304:RgABnApn1nA8+UX6A2FHAjBYiY6aZn+zcTs:iAZAd1A8+UXzKAY6w+zcTs
Static task
static1
Behavioral task
behavioral1
Sample
8cb5b0abe8009791bf8969932f607bf84e53eaf9d1fff13a558306e19902ef71.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
8cb5b0abe8009791bf8969932f607bf84e53eaf9d1fff13a558306e19902ef71.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
8cb5b0abe8009791bf8969932f607bf84e53eaf9d1fff13a558306e19902ef71
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-