General
-
Target
8eb7dc9162c0ca622fbca424b85f18bca0e6ec3486fc239d8276cf27a9a1af80
-
Size
5.1MB
-
Sample
240525-wtf3tsda61
-
MD5
5042188afb0dc3e9c0ba1bba769c1107
-
SHA1
be1970a565fc481cfb92fe58ae972578921c0763
-
SHA256
8eb7dc9162c0ca622fbca424b85f18bca0e6ec3486fc239d8276cf27a9a1af80
-
SHA512
6809fa128613d088b29fc7c524f68abb4b3447bffe851c264624c02c926ae115b2b9aa4db2b9d9e9dfa97177fa970556307b6d9cd4502a5f4a067af7dc1ba39e
-
SSDEEP
98304:6p5BgXQZ+7MbLCyF3noK8ojHIzdxGRQPGMdhPQzkp8K4I+UagckP8HWd0:rXkzC+3nmojcCM/PQFKxxafkP8R
Static task
static1
Behavioral task
behavioral1
Sample
8eb7dc9162c0ca622fbca424b85f18bca0e6ec3486fc239d8276cf27a9a1af80.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8eb7dc9162c0ca622fbca424b85f18bca0e6ec3486fc239d8276cf27a9a1af80.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
8eb7dc9162c0ca622fbca424b85f18bca0e6ec3486fc239d8276cf27a9a1af80
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-