General
-
Target
Moonware.exe
-
Size
2.6MB
-
Sample
240309-p8qr9agc62
-
MD5
b53b58bf6409d010538c6eea095a07f6
-
SHA1
8c699214d0e6057e7cdcc67b9e4856c7d762ed35
-
SHA256
f5a116ed14dda36706d07f881a1e01630f4fe7bb8bf6f799c4754ffba63071bb
-
SHA512
82aba755a218a06a69db9d5eb9d1bb8b50291a27329f6a15355e0d5dfefc0c1cea1a7f8ba1300a9253a817c9eddcd9588eb704370eba52d251438bd3f9124754
-
SSDEEP
49152:q9Mhw2vE9jPyTW7xOvwrj25W16Upx0lveEFzBduxhBEDxhh+TeafKmmx:qGhhvuj6HYbXYvekYODzh+Say
Malware Config
Targets
-
-
Target
Moonware.exe
-
Size
2.6MB
-
MD5
b53b58bf6409d010538c6eea095a07f6
-
SHA1
8c699214d0e6057e7cdcc67b9e4856c7d762ed35
-
SHA256
f5a116ed14dda36706d07f881a1e01630f4fe7bb8bf6f799c4754ffba63071bb
-
SHA512
82aba755a218a06a69db9d5eb9d1bb8b50291a27329f6a15355e0d5dfefc0c1cea1a7f8ba1300a9253a817c9eddcd9588eb704370eba52d251438bd3f9124754
-
SSDEEP
49152:q9Mhw2vE9jPyTW7xOvwrj25W16Upx0lveEFzBduxhBEDxhh+TeafKmmx:qGhhvuj6HYbXYvekYODzh+Say
Score9/10-
Looks for VirtualBox Guest Additions in registry
-
Looks for VMWare Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-