General
-
Target
93f99386e0b33882d70e9a68e42008057966f7ab82a230ff0d9ab7a37ed9d021
-
Size
8.2MB
-
Sample
221127-zvrshadb5z
-
MD5
45be89b3b9b78d19a7fcad7ad7814eb6
-
SHA1
e103196df4d31a65cc451ee6cf21a10491a2f289
-
SHA256
93f99386e0b33882d70e9a68e42008057966f7ab82a230ff0d9ab7a37ed9d021
-
SHA512
52691acde8f0ce28a68a5e548b1e7cbc096e43b3db7d24e4dad5eb50160d68d8894fdf37094c81ca92badf95a0ec63ce5edee8fd42d4bb8c4878462d4e8098f7
-
SSDEEP
196608:udQoy9K3IOi5KBFD+UHEXf1ERI601N5Ev3Bz0dh82sj3X:u+7g3rxkUwdwntv3tE/0
Malware Config
Targets
-
-
Target
93f99386e0b33882d70e9a68e42008057966f7ab82a230ff0d9ab7a37ed9d021
-
Size
8.2MB
-
MD5
45be89b3b9b78d19a7fcad7ad7814eb6
-
SHA1
e103196df4d31a65cc451ee6cf21a10491a2f289
-
SHA256
93f99386e0b33882d70e9a68e42008057966f7ab82a230ff0d9ab7a37ed9d021
-
SHA512
52691acde8f0ce28a68a5e548b1e7cbc096e43b3db7d24e4dad5eb50160d68d8894fdf37094c81ca92badf95a0ec63ce5edee8fd42d4bb8c4878462d4e8098f7
-
SSDEEP
196608:udQoy9K3IOi5KBFD+UHEXf1ERI601N5Ev3Bz0dh82sj3X:u+7g3rxkUwdwntv3tE/0
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-