General
-
Target
a03e180f08f32f630aeafc3402ec373a.bin
-
Size
12.6MB
-
Sample
230328-cmjetsac7w
-
MD5
b0103a9e645a04cb5beb8e7eb1f8423c
-
SHA1
59eb375a9b470c32173c29236496217c248e333b
-
SHA256
339fdc75a76d6c564b0e6141e774f2aded372f06f9cd6169674cef0d86dc3fb3
-
SHA512
98d7af6215b7372d7d42d607789e74f6b5b141ea8947130d59fbc7fb75ccc5df448f9288a4f1e4abb0c7d169bbfce8154101c22365decaff16de74265f071aac
-
SSDEEP
196608:PKvNKazib5mgCl9WKjtE0DhIgggyBMHwtUP0V/Vx22svOaHDQf/nAz4/OJ:yVKa7gCSMK0DhIg0B+vux22aGok2J
Malware Config
Targets
-
-
Target
28b697be1636fd2f853522358bd24a7215792ff0556849e5623997a2162a37e3.bin
-
Size
12.8MB
-
MD5
a03e180f08f32f630aeafc3402ec373a
-
SHA1
658720b09683597920d843d5177a1cc37bbed9f9
-
SHA256
28b697be1636fd2f853522358bd24a7215792ff0556849e5623997a2162a37e3
-
SHA512
eb3f41eb46a2ef94af4f17c0a282212d34042613acc1f29ceef4836d91c74ebd38102933ae325199179e67e767344fcb429fdb1991cc0b0535651de23a7b7db4
-
SSDEEP
196608:lq6DE4kBPWNWDoJ013AK+Iwn9l7W/8mNTaS63eTCR6VQj0tkxiXUjgnDitU4CSt:l5rueWDolKqn9l7zXRGGLrgnDRm
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-