General
-
Target
2c9b210368b61b07c49a03362a50f09bc56fdc014403e84dcd6e5b9cbf6d222a
-
Size
8.1MB
-
Sample
240523-ftzxyaeg75
-
MD5
20b9497d1553008661299125ed5c1500
-
SHA1
dbe373300c2df57307a587f0cb924ef9b9b28524
-
SHA256
2c9b210368b61b07c49a03362a50f09bc56fdc014403e84dcd6e5b9cbf6d222a
-
SHA512
d1df4e17b3cc9380d18947a8125aeaf67180920ff209a5a92fbf167229c3d1b1d60b2c636f23ea1e4f18975efb6d5afefd6180389e0224f982c2e6202d8b6512
-
SSDEEP
196608:sBNYWIKYmYJCSgJjYUyjQxYkAhW1TET+ivmIH/de:sBNYVvISgJjYUyjlkAhWBTivmq/de
Malware Config
Targets
-
-
Target
2c9b210368b61b07c49a03362a50f09bc56fdc014403e84dcd6e5b9cbf6d222a
-
Size
8.1MB
-
MD5
20b9497d1553008661299125ed5c1500
-
SHA1
dbe373300c2df57307a587f0cb924ef9b9b28524
-
SHA256
2c9b210368b61b07c49a03362a50f09bc56fdc014403e84dcd6e5b9cbf6d222a
-
SHA512
d1df4e17b3cc9380d18947a8125aeaf67180920ff209a5a92fbf167229c3d1b1d60b2c636f23ea1e4f18975efb6d5afefd6180389e0224f982c2e6202d8b6512
-
SSDEEP
196608:sBNYWIKYmYJCSgJjYUyjQxYkAhW1TET+ivmIH/de:sBNYVvISgJjYUyjlkAhWBTivmq/de
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Checks whether UAC is enabled
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-