General
-
Target
d5066f6eb484e09f7c3eb427b1ce981ac2d2cf71aaa4d2aa2be126c65ff384b1
-
Size
3.2MB
-
Sample
240524-ede26aca57
-
MD5
458d9dfeb81e8711b5696bc0ffd3ded6
-
SHA1
4472ac0990d473adf11be604b4f820d25e9f501f
-
SHA256
d5066f6eb484e09f7c3eb427b1ce981ac2d2cf71aaa4d2aa2be126c65ff384b1
-
SHA512
aebf9aefa9227c1fd9b00b98748efa8101bcfa734db94ea15a9efa49af3f1edd24c86c94f7410d9208edc30abdf0f385c04cb6b9961097703e9effa21c1c91ef
-
SSDEEP
98304:ipDHq5DWoLo+p4xWpc4uTdjiZM2RULBHOIL8x:ipec+phpc3TdufG6
Malware Config
Targets
-
-
Target
d5066f6eb484e09f7c3eb427b1ce981ac2d2cf71aaa4d2aa2be126c65ff384b1
-
Size
3.2MB
-
MD5
458d9dfeb81e8711b5696bc0ffd3ded6
-
SHA1
4472ac0990d473adf11be604b4f820d25e9f501f
-
SHA256
d5066f6eb484e09f7c3eb427b1ce981ac2d2cf71aaa4d2aa2be126c65ff384b1
-
SHA512
aebf9aefa9227c1fd9b00b98748efa8101bcfa734db94ea15a9efa49af3f1edd24c86c94f7410d9208edc30abdf0f385c04cb6b9961097703e9effa21c1c91ef
-
SSDEEP
98304:ipDHq5DWoLo+p4xWpc4uTdjiZM2RULBHOIL8x:ipec+phpc3TdufG6
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-