General
-
Target
4a6ab4b5c4b58f02a728510de04547dcb6029b3a338d06318a13440a126d717b
-
Size
4.8MB
-
Sample
240525-wsm5rada4w
-
MD5
5defe1b9d5a15cd1efeba9f7a264d38c
-
SHA1
8337fc4e06f453cbecca491de97c3ea4543759a9
-
SHA256
4a6ab4b5c4b58f02a728510de04547dcb6029b3a338d06318a13440a126d717b
-
SHA512
31ca60d908594c550638142b676da239cfdda125ce9f3555115be1839be75527c47f5f4b945a3a02c6659c1662193a1eb7e29951c860fe9a98cf7881370554c6
-
SSDEEP
98304:eIIYZENCg0lxVQjNMwmHs3coLdFAkYIVEOx5VWr5hSBGz8isqXd:eDCgmQjNM0coLjAaJrI+a8g
Static task
static1
Behavioral task
behavioral1
Sample
4a6ab4b5c4b58f02a728510de04547dcb6029b3a338d06318a13440a126d717b.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4a6ab4b5c4b58f02a728510de04547dcb6029b3a338d06318a13440a126d717b.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
4a6ab4b5c4b58f02a728510de04547dcb6029b3a338d06318a13440a126d717b
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-