General
-
Target
3afc0b7f43852868.exe
-
Size
6.7MB
-
Sample
230329-e87qnaeg33
-
MD5
cd7bb678cd6f45a8be6e104b814f9bcc
-
SHA1
98d93dd94dff51c8383115de3baee303487419fa
-
SHA256
6f7cabfbf7d57ca14d1a76abc1b1e95f93a481a9ac0e734d3bbd9f509f90be0a
-
SHA512
62c47db3297bfbd7a9f43035670735b2c8cce86e410a230a0aa29aa8e7dae968176304ec026cc950b29025a90093315367a7f7bcc67eb144ccee133db406af7e
-
SSDEEP
196608:IEYKvbRonSq5+lQOECwy8pIlhJN3qrAJK25dv:MKvbqN+lQPHy8cXYAf
Malware Config
Targets
-
-
Target
3afc0b7f43852868.exe
-
Size
6.7MB
-
MD5
cd7bb678cd6f45a8be6e104b814f9bcc
-
SHA1
98d93dd94dff51c8383115de3baee303487419fa
-
SHA256
6f7cabfbf7d57ca14d1a76abc1b1e95f93a481a9ac0e734d3bbd9f509f90be0a
-
SHA512
62c47db3297bfbd7a9f43035670735b2c8cce86e410a230a0aa29aa8e7dae968176304ec026cc950b29025a90093315367a7f7bcc67eb144ccee133db406af7e
-
SSDEEP
196608:IEYKvbRonSq5+lQOECwy8pIlhJN3qrAJK25dv:MKvbqN+lQPHy8cXYAf
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-