General
-
Target
9638740296.zip
-
Size
153.1MB
-
Sample
230320-qs3ybadf92
-
MD5
bf5ea75541203ae57f049e39b2e65a21
-
SHA1
a20f2df4e439ab52fa816c541177de3cc5f457da
-
SHA256
1563f1cce7bb82eb4a040280c293c16fa76d20012ed8f66029820b4de39d5af8
-
SHA512
e7e12f0253064d1459bc1ed46725131782ac263358bcbf757af87ce4fa35ae18eb3b3a5934f03b35a84dadbaadfef3dc4ad924257644dde2cc4fe8e1359fff2e
-
SSDEEP
3145728:SE1+9XmEEK/WkWJFqpOk5DOX1S2kFCQY8sucfZGNHGKyQogUpOkDHMZLbQ/PSTQd:SXmp/J0KS2ka/pRGNHtEgmOIMZLY688C
Malware Config
Targets
-
-
Target
2f3eb599e9708d90124a47253d98af066a7e341ae815945fbe519ed6f50b6c47
-
Size
153.3MB
-
MD5
d56cf3cc116d6e83c9544828fea682cb
-
SHA1
c7304abbca382b935b8346474d55ecb2ba0d93f8
-
SHA256
2f3eb599e9708d90124a47253d98af066a7e341ae815945fbe519ed6f50b6c47
-
SHA512
cbc426e3fab8c8006db47edd9b1d191e9abd1f98de862ccbc7a715b3e4fabf8ccf516fa2be7585d7123339431bbc3362e9c8d3f553c182691e1952fa811d0ddd
-
SSDEEP
3145728:S7NEDBJNaNu3czOhsYBpYpUnVnwY8d5SUT9DFUnLLMLRHaAxoI9zo5f72:mgJNEu0RpUnVnwddsUThFm8haAh5
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-