General
-
Target
5c03c3e439bad3efd2227be9ad8247fb57d24edec3d38261fd285e4d9bd72ffb
-
Size
1.2MB
-
Sample
221127-sw6vgsgg39
-
MD5
6aa7a0661e8247c931ccb31b66cfe63d
-
SHA1
870ab1705413947d5184c114a4e4e90ade0ade62
-
SHA256
5c03c3e439bad3efd2227be9ad8247fb57d24edec3d38261fd285e4d9bd72ffb
-
SHA512
e674108ec3205aa367804320b72c807378e85eaba55ac479e7ce49ff9691d95559441836ffdfa0c8e26db19404c5a97bbce5cab5797c2b036c51e7710456f4f0
-
SSDEEP
24576:7msNGeXh6DxlknLWTX+ldXky+pTJ4V0/R4GRcz:/NnR6DfKLWz+bv7V0p4d
Static task
static1
Behavioral task
behavioral1
Sample
5c03c3e439bad3efd2227be9ad8247fb57d24edec3d38261fd285e4d9bd72ffb.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
5c03c3e439bad3efd2227be9ad8247fb57d24edec3d38261fd285e4d9bd72ffb.dll
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-