General
Target: 7cc1ba586fee26473559976f3f42c89ad62c43872e65341c156aa1d5f9af811c
Size: 2.5MB
Sample: 240410-pa5hraac2v
MD5: 8c2274264b2797e30d44411bbd36f942
SHA1: 31b37127440193b9c8ecabedc214ef51a41b833c
SHA256: 7cc1ba586fee26473559976f3f42c89ad62c43872e65341c156aa1d5f9af811c
SHA512: 376c4e25c9edd8984c7eb6585e2ac7aa6a73b4ab9927f6a65c13431bef5c6a956d11ebdc9e6e9c668ad0bf7352679f38a8c68250c82058d9f75c0d9ac6118c61
SSDEEP: 49152:u9hzVlHgIJa177HiK+FcON6s90UoSE+yRiW/6A0d2pJ2j73+e:urLAW4HMz9+XyP2pEv
Static task
static1
Behavioral task
behavioral1
Sample
7cc1ba586fee26473559976f3f42c89ad62c43872e65341c156aa1d5f9af811c.exe
Resource
win7-20240221-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Unexpected DNS network traffic destination
  Network traffic to servers other than the configured DNS servers was detected on the DNS port.
- Suspicious use of NtSetInformationThreadHideFromDebugger