General
-
Target
https://cdn.discordapp.com/attachments/1192281445662732288/1208174297172934718/Gold_Loader_Fix_for_Failed_to_Manual_Map.exe?ex=65eb8d7f&is=65d9187f&hm=d1895549b05d5a38da483f24d7272bc645bce919099d0d564c1fea47bdc5700e&
-
Sample
240224-1qq6vafd33
Score
9/10
Malware Config
Targets
-
-
Target
https://cdn.discordapp.com/attachments/1192281445662732288/1208174297172934718/Gold_Loader_Fix_for_Failed_to_Manual_Map.exe?ex=65eb8d7f&is=65d9187f&hm=d1895549b05d5a38da483f24d7272bc645bce919099d0d564c1fea47bdc5700e&
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Downloads MZ/PE file
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-