General
-
Target
0411dbefd10a56662ff9c5c23862c3ff54fa68ac5a08c290b9590c7da25ce10a
-
Size
14.1MB
-
Sample
240523-xk8xxsce77
-
MD5
7a889665adc9300bf6fa5a0c9de6ea85
-
SHA1
ec239770b0be0d1adddb63ad547809705c378ea6
-
SHA256
0411dbefd10a56662ff9c5c23862c3ff54fa68ac5a08c290b9590c7da25ce10a
-
SHA512
018c722b7b1552ed34c877c4109c047505e869b193a0a7a76e36d01d772df287ba8fb7fa680a70b26859c3ed244889ab2bed9cff091069e39a43bf32a0c507a8
-
SSDEEP
393216:AQu7e763RLYK7aZWbtjW/UBeKNcoCY5wtz3vC1:rF6sK7GkRhCtQ
Malware Config
Targets
-
-
Target
0411dbefd10a56662ff9c5c23862c3ff54fa68ac5a08c290b9590c7da25ce10a
-
Size
14.1MB
-
MD5
7a889665adc9300bf6fa5a0c9de6ea85
-
SHA1
ec239770b0be0d1adddb63ad547809705c378ea6
-
SHA256
0411dbefd10a56662ff9c5c23862c3ff54fa68ac5a08c290b9590c7da25ce10a
-
SHA512
018c722b7b1552ed34c877c4109c047505e869b193a0a7a76e36d01d772df287ba8fb7fa680a70b26859c3ed244889ab2bed9cff091069e39a43bf32a0c507a8
-
SSDEEP
393216:AQu7e763RLYK7aZWbtjW/UBeKNcoCY5wtz3vC1:rF6sK7GkRhCtQ
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-