General
-
Target
1bc425f4f4dc08d0284da9f0c03364a0d87b465e6adfcfbd4c1b3cd9e126348d
-
Size
15.1MB
-
Sample
240522-swjd7afh25
-
MD5
5a9b1108876c26ad6d33a03d9e125cc9
-
SHA1
d3fe9893fd4d8689d1b2f0912c94f92ccdec0090
-
SHA256
1bc425f4f4dc08d0284da9f0c03364a0d87b465e6adfcfbd4c1b3cd9e126348d
-
SHA512
ff82a6f9e4796008f15857fdc8b76e56aff7e4dc0f7f9b87defe6297ae1cc62db3b16a65e7b93dd8e43cf61d4e7b4f7642788e878262d8fa6f5c96ad55174d08
-
SSDEEP
393216:qVswOBQKTwNi9xNguzbQYe6AFtN0KuBDF:m0BbQ2NguzwbA/
Malware Config
Targets
-
-
Target
1bc425f4f4dc08d0284da9f0c03364a0d87b465e6adfcfbd4c1b3cd9e126348d
-
Size
15.1MB
-
MD5
5a9b1108876c26ad6d33a03d9e125cc9
-
SHA1
d3fe9893fd4d8689d1b2f0912c94f92ccdec0090
-
SHA256
1bc425f4f4dc08d0284da9f0c03364a0d87b465e6adfcfbd4c1b3cd9e126348d
-
SHA512
ff82a6f9e4796008f15857fdc8b76e56aff7e4dc0f7f9b87defe6297ae1cc62db3b16a65e7b93dd8e43cf61d4e7b4f7642788e878262d8fa6f5c96ad55174d08
-
SSDEEP
393216:qVswOBQKTwNi9xNguzbQYe6AFtN0KuBDF:m0BbQ2NguzwbA/
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-