General
-
Target
Valorant_Cleaner.exe
-
Size
3.1MB
-
Sample
240411-vt1a2abd6z
-
MD5
5c04631fafe2dbe3449a83310dcdf9b1
-
SHA1
bccdbaf8352dec9f0e4a25cf74021e23b2ff6a7d
-
SHA256
e085adcc6a2c0ed6115ccb2b9ddaf5b8204b0e9c7a2f62c4fe922b0551d96f53
-
SHA512
2eb26a7690d29b785a6c8d05bc317e8c720dbeb4173b46afbd293cca7f1b95f6ab76c01f9731021a35e5733f07cd46cb4f691484f3275b8717cb0f67fa59b174
-
SSDEEP
98304:PM/QLILHnQ9Ku35LGALBqzroXWC8nkYlx:U/QU7QfpVFqnoXWCelx
Malware Config
Targets
-
-
Target
Valorant_Cleaner.exe
-
Size
3.1MB
-
MD5
5c04631fafe2dbe3449a83310dcdf9b1
-
SHA1
bccdbaf8352dec9f0e4a25cf74021e23b2ff6a7d
-
SHA256
e085adcc6a2c0ed6115ccb2b9ddaf5b8204b0e9c7a2f62c4fe922b0551d96f53
-
SHA512
2eb26a7690d29b785a6c8d05bc317e8c720dbeb4173b46afbd293cca7f1b95f6ab76c01f9731021a35e5733f07cd46cb4f691484f3275b8717cb0f67fa59b174
-
SSDEEP
98304:PM/QLILHnQ9Ku35LGALBqzroXWC8nkYlx:U/QU7QfpVFqnoXWCelx
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-