General
-
Target
a63e64ff30dfde0046f140339cbbfe06084a79862e075ecfd38d3a7339e1924a
-
Size
2.4MB
-
Sample
240413-aq4h3abf6x
-
MD5
7635d83d86369cb2c64fb7483ad34a83
-
SHA1
7d0dedc0fffed4e90b86cfb321d907422aa88703
-
SHA256
a63e64ff30dfde0046f140339cbbfe06084a79862e075ecfd38d3a7339e1924a
-
SHA512
981dc1be2d2b53b6aa851d66f51a3e486b2321e8a06a622e9abaffdff9dcf49ad1a82ae613218edc3fe51c6321f66b6bf8090a92d13f0710962476c97e7dcb7b
-
SSDEEP
49152:L3KoBQxG9i9w4QclMHG/m9FBiC1y/uUNxff0vhtAFE9P/qX/Sk:L3KkQMcNQlHG/oF8aUz0vnx9g
Behavioral task
behavioral1
Sample
a63e64ff30dfde0046f140339cbbfe06084a79862e075ecfd38d3a7339e1924a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a63e64ff30dfde0046f140339cbbfe06084a79862e075ecfd38d3a7339e1924a.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
a63e64ff30dfde0046f140339cbbfe06084a79862e075ecfd38d3a7339e1924a
-
Score
9/10
-
Detects executables packed with Themida
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Modifies AppInit DLL entries
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-