General
-
Target
Blueberry_External_Updated_Fixed.exe
-
Size
4.2MB
-
Sample
240411-kktrsaba2z
-
MD5
b5709c0c0631f7fe04a80f9c5275cc23
-
SHA1
a7504068e362d228903ea320d0c2eee4c9edb968
-
SHA256
25f01407eb4777ac941fc8888c817751e24ee58a9ef3b3f9942ed9cdbf846435
-
SHA512
ad33caca9b35415cf03af6a7792d0d8203cec97f5e8e1ee1f9618357c8165d2dfc64ae6115a4cd55de31129889281626156121f2831926d5253724f0c6581b9c
-
SSDEEP
98304:KVxiViMwzAPkNAa5k4ieKPLWXEsXS5T5IS:KGkMwzAPXa5dMPhsXuuS
Behavioral task
behavioral1
Sample
Blueberry_External_Updated_Fixed.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
Blueberry_External_Updated_Fixed.exe
-
Size
4.2MB
-
MD5
b5709c0c0631f7fe04a80f9c5275cc23
-
SHA1
a7504068e362d228903ea320d0c2eee4c9edb968
-
SHA256
25f01407eb4777ac941fc8888c817751e24ee58a9ef3b3f9942ed9cdbf846435
-
SHA512
ad33caca9b35415cf03af6a7792d0d8203cec97f5e8e1ee1f9618357c8165d2dfc64ae6115a4cd55de31129889281626156121f2831926d5253724f0c6581b9c
-
SSDEEP
98304:KVxiViMwzAPkNAa5k4ieKPLWXEsXS5T5IS:KGkMwzAPXa5dMPhsXuuS
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Sets service image path in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-