General
-
Target
43de1bfb074c044795c037f580d82f56da696259e4fa1714e6fd447da148b9cc
-
Size
5.2MB
-
Sample
231012-xpzj2shf2w
-
MD5
ad8a072aa1c52240563adda20a7c4a0e
-
SHA1
5eb70c43d47a1aefe06b8edc1e539b5616724655
-
SHA256
43de1bfb074c044795c037f580d82f56da696259e4fa1714e6fd447da148b9cc
-
SHA512
1d80a7dd1df951e646f31da9ab95ccdac532826599bbbb06d7c2d1fbb23fe8f9882bbab1a67f24d1a6a7b7dc3372e842a39c063a9db298f466fa760a90452678
-
SSDEEP
98304:0aRGyQ4GFAi4gRvFRMA7cmsVbvSdLB29vRORAS3VJZcC7+ojV42plKer5aG:XRGNR/4gRvFRlsVmdLBgcCS3PmJoJ429
Malware Config
Targets
-
-
Target
43de1bfb074c044795c037f580d82f56da696259e4fa1714e6fd447da148b9cc
-
Size
5.2MB
-
MD5
ad8a072aa1c52240563adda20a7c4a0e
-
SHA1
5eb70c43d47a1aefe06b8edc1e539b5616724655
-
SHA256
43de1bfb074c044795c037f580d82f56da696259e4fa1714e6fd447da148b9cc
-
SHA512
1d80a7dd1df951e646f31da9ab95ccdac532826599bbbb06d7c2d1fbb23fe8f9882bbab1a67f24d1a6a7b7dc3372e842a39c063a9db298f466fa760a90452678
-
SSDEEP
98304:0aRGyQ4GFAi4gRvFRMA7cmsVbvSdLB29vRORAS3VJZcC7+ojV42plKer5aG:XRGNR/4gRvFRlsVmdLBgcCS3PmJoJ429
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks whether UAC is enabled
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-