General
Target: LolScriptV13.1.rar
Size: 24.6MB
Sample: 230207-ap8rdsgf37
MD5: 5a34f26a9d49e00068104813b4c2475f
SHA1: 25de31f845d716ddeb1498f276d873202d856a1a
SHA256: 601b112502f810f643b1c87b245f50533b472c13d87e69c187ce46daefe63bcf
SHA512: 63e71f9878e8e17977a917c49f27f06c4a6d7d06a698e740565d2eb19b90351066943309b43a91403fb5e2a45a3aff67a915e4744f27f0e90fae74f39e27c558
SSDEEP: 393216:KKkDiTrj3BCbswubHx3jcRCx7z4zvPVBJdnbjPvgTgRHmNdc1CGJZk6bRVqKnz84:KKkmTnD+RCtovPjvnPTB0k/qnKIWb8Mz

Static task: static1
Behavioral task: behavioral1
Sample: LolScriptV13.1/LolScriptV13.1/LolScript/LolScript.exe
Resource: win7-20221111-en

Malware Config

Targets
Target: LolScriptV13.1/LolScriptV13.1/LolScript/LolScript.exe
Size: 11.0MB
MD5: 15f8670edce8902831bf9541c8749e90
SHA1: bcb53912c22a7328e3ead74b5dd01400d6ee5536
SHA256: f8bae3cd04ff1b52391dc3c62f5e47a44be2271dcba9964290ce5f81b0e32e85
SHA512: 8ce3d82ffa17d5e1a15f37f08f0af54a86e9100806dda7c099e1758fff41c9a60b0658e93cbeec0465e70280296ef545054d1d3927fdbcd6468361528fb8c5fc
SSDEEP: 196608:QsKmZRO75oqIqZzeYZ14asm96c0p7rUMNsMC/pb4jKooMFteo4XTi22MXW1jAiJn:QsXZIPIaR+UGxrpNsM2pb4jK1osTi20P

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger