General
-
Target
Clip1.exe
-
Size
3.4MB
-
Sample
230319-q4w9xaaf6z
-
MD5
7c3ba41716690f6d5bca3520700e894c
-
SHA1
d8112039a130dd3d406c8b2386cce5ef8a745ce0
-
SHA256
4e45051d214af572935596233db47eee57ceb6600841815dc51171dee15840f5
-
SHA512
a3f6251d657d7abd982d68252c5085fe0393384c3edb37c19a750afbe95adeb926d5586f54be4f3ea1b314b533bd0676de35f7bd22460f1c0cefc464c8cbf23b
-
SSDEEP
49152:rr1c7Kvf8e9HTgXHXayMSTQ5c1ztH9rDDQvOJRg05T0Oa/rm2ho8IucxzrurVlo9:gKvfd94XayMT5sH9M0aS8o9uWyUhHyk
Static task
static1
Behavioral task
behavioral1
Sample
Clip1.exe
Resource
win7-20230220-en
Malware Config
Targets
Target
Clip1.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Suspicious use of SetThreadContext
-