General
-
Target
be1363a19716c5e32da206ba6dcca80681152a91d67379128352655d0317b775
-
Size
2.9MB
-
Sample
221123-xr23ysag9z
-
MD5
68cbf4a764bd3da616b6426f8ee2fd42
-
SHA1
69deb224d550f4589e10170005ad862748964b9a
-
SHA256
be1363a19716c5e32da206ba6dcca80681152a91d67379128352655d0317b775
-
SHA512
0b511fb4cd3bf5df846f48faf062f1245dc79697429a64d7c4854554ef088bfc36fa6ce3328eadd468e52a3f90d4775796ede7506e361a9051b149a3170d9d71
-
SSDEEP
49152:zMtQqMq0Yya4SOHZ3+TFTdclL/4J8200q5VWy7EeNmpQ1qocB+t/5m/hN/cM/q7P:otQLLY73OH0dclL/4JoPtQAmpQ1qoc2V
Malware Config
Targets
-
-
Target
be1363a19716c5e32da206ba6dcca80681152a91d67379128352655d0317b775
-
Size
2.9MB
-
MD5
68cbf4a764bd3da616b6426f8ee2fd42
-
SHA1
69deb224d550f4589e10170005ad862748964b9a
-
SHA256
be1363a19716c5e32da206ba6dcca80681152a91d67379128352655d0317b775
-
SHA512
0b511fb4cd3bf5df846f48faf062f1245dc79697429a64d7c4854554ef088bfc36fa6ce3328eadd468e52a3f90d4775796ede7506e361a9051b149a3170d9d71
-
SSDEEP
49152:zMtQqMq0Yya4SOHZ3+TFTdclL/4J8200q5VWy7EeNmpQ1qocB+t/5m/hN/cM/q7P:otQLLY73OH0dclL/4JoPtQAmpQ1qoc2V
Score10/10-
Banload
Banload variants download malicious files, then install and execute the files.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-