General
-
Target
66208933a62ec961b67c6289459c6ead98a1fcc8a6bfa7ffba405f8db4cdf38f
-
Size
6.3MB
-
Sample
240523-fq9b7sef8s
-
MD5
bd82b7f1ca3fc585875fcb075bb68cd1
-
SHA1
7a5903d964cae5f89ce38316bf769160a7ffc0a9
-
SHA256
66208933a62ec961b67c6289459c6ead98a1fcc8a6bfa7ffba405f8db4cdf38f
-
SHA512
900a02ebf55a52baf08538526488117be0b1a3b24957b1c491d352eb3fbe756fce883baaa37b33c790a654a62d6b9a17cb6d89d5927bbceee8d3e9be41bb1ec6
-
SSDEEP
196608:+I73LC7GUybbWkgcOjymf+uauNC+9fii/97BC:+I73LmGzWkZOjymNIaf7e
Malware Config
Targets
-
-
Target
66208933a62ec961b67c6289459c6ead98a1fcc8a6bfa7ffba405f8db4cdf38f
-
Size
6.3MB
-
MD5
bd82b7f1ca3fc585875fcb075bb68cd1
-
SHA1
7a5903d964cae5f89ce38316bf769160a7ffc0a9
-
SHA256
66208933a62ec961b67c6289459c6ead98a1fcc8a6bfa7ffba405f8db4cdf38f
-
SHA512
900a02ebf55a52baf08538526488117be0b1a3b24957b1c491d352eb3fbe756fce883baaa37b33c790a654a62d6b9a17cb6d89d5927bbceee8d3e9be41bb1ec6
-
SSDEEP
196608:+I73LC7GUybbWkgcOjymf+uauNC+9fii/97BC:+I73LmGzWkZOjymNIaf7e
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-