General
-
Target
modest-menu_v0.9.8_(Kiddionsmodmenu.com)_.zip
-
Size
15.3MB
-
Sample
230320-y1ybssfc33
-
MD5
af9c9de33a29273cae626d0f17969783
-
SHA1
dbd02372275e226a5bc98d3f40e59e217caf4a14
-
SHA256
96349b4ca999a16f0e3b2159c41d25685e3dca999322b3a29b25369a24f63ed1
-
SHA512
c5853928e27029c653d036e096cc5add55a32fc22d760e35fe20271e36d4e5bce4edc17be41f87b05ccd2de886c1222ed390040e4e767b4a6fc32ea8e1ed275b
-
SSDEEP
393216:SppNV85+fjQdAYnLHbcnM/tIMZTLmhvnq6LuuRopdp3vVoJocfx:cYkcdAcLHbcnM/t5Wh/6HpdpdoScfx
Malware Config
Targets
-
-
Target
modest-menu.exe
-
Size
15.3MB
-
MD5
af6b000cca334405709a7a45f07b1788
-
SHA1
57c2502d8ca01a6da5b7ab4e61f857e9e0fd40f8
-
SHA256
0a03f7b518d5bc76cf58e1bfaad2b6840262b494553626c3727acbb8bd70cb91
-
SHA512
5dcfefd3dd7111fad2b96cad039a0aa3ea388d1666b20a2ada004c05658171b52b26d699b77564031960505c02cdaf440c66c2694d33ead970fe6fcd8b299b5e
-
SSDEEP
393216:9FESY8FS6GWgq2pyqNqfMgpcbVTv1OGOSHC84uza:DESYUS6GPqqNqUvToGOSHC8w
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-