General
Target: Blueberry_Fortmeme_Injector_Release.exe
Size: 4.2MB
Sample: 230328-ab5skshg9t
MD5: 1452fde0bd476a4daa12d2e415a51fe2
SHA1: fb47580708acefe32af301b4214e6399a5a023f2
SHA256: e9a77559aca2dbad88861c7f806cddd48d71f3d4e063367c85fcbe99508a79bc
SHA512: 6d94f175f8b5bfd8995bc2b7610a4a0b3bc89db12e0462d5808324f9a8c914ae7e9bce77ce4c146642ab05a944635019b8e189a6fb62fc121d43b481eda342ec
SSDEEP: 98304:8byLF2yUoEBX90eYjjpzTKiTRdUtqGLkQSSqsjDpvsbdU6b:q+4BzBX9eOi1dUtDLkkqsvUdtb
Behavioral task: behavioral1
Sample: Blueberry_Fortmeme_Injector_Release.exe
Resource: win7-20230220-en
Malware Config

Targets
Target: Blueberry_Fortmeme_Injector_Release.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger