General
Target: Heist Editor_[unknowncheats.me]_.exe
Size: 7.8MB
Sample: 240412-xpjtlagb51
MD5: 30b4ce2db1eb3d0e3cd3123f06b9e94a
SHA1: a5c67c2249af0f724af4ca56d993e0b13d09b056
SHA256: 86d1af07dc4a0e2b9e146482d34ba630145ce1cb6636eb0df6881ddf63483e45
SHA512: 7c0765b4adf89cbdc2718620d97065410cde05a553d01c66fe6315667e363cea01ea6c903efb32fe66317cab742180f4995fb6b094bdb04a045f8059e643d9aa
SSDEEP: 98304:T2nqXLxpfmSEjsUSzMeoWQQtWJmftckaojKs5+/MV895W1tnNbBdn5CLSHYsLrZU:aK6/leJQSxaojKb/i1tnnySHYEtxq
Behavioral task
behavioral1
Sample
Heist Editor_[unknowncheats.me]_.exe
Resource
win10-20240404-en
Malware Config
Targets
-
-
Target
Heist Editor_[unknowncheats.me]_.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-