General
-
Target
7cba60a274b979489c44d08d6ce00e91af5883abc903b38bdbd865688a49892d
-
Size
7.3MB
-
Sample
230322-lnd16sga69
-
MD5
b762ef2c783c8d8d3b74a101dab467d1
-
SHA1
a4afa425b4801d1b6d88d4861a7c27363e278072
-
SHA256
7cba60a274b979489c44d08d6ce00e91af5883abc903b38bdbd865688a49892d
-
SHA512
2ce6d651f096882dd8b243488f163ce81b58c19dc40a4cabdc6b6ec4924bce40e9592116fbe9bbced040b488ed7d7196c70a4d6b2c078a98c17f30345093e6c9
-
SSDEEP
196608:8bEGjtEq9RmgJXvajnCZnxPkKaTwJYDkuho:4tEvgNJZiqO4
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-