General
-
Target
89475e805f01d2e52093121987c912e5a6134228af6dc0047e6bac0dae9b5b0d
-
Size
9.4MB
-
Sample
240525-yc1f9afg2z
-
MD5
674f5e5191d2f25abf6f60dfdf57ca31
-
SHA1
b31d884354ee63ec133a8990dbc58a79ab53c584
-
SHA256
89475e805f01d2e52093121987c912e5a6134228af6dc0047e6bac0dae9b5b0d
-
SHA512
6e61000496e25e56bb6195c8a130e42aa04d1d25cde304cd3294fb1db05e0ea93e4aa0e4a52a1f8b87d16c333d082a4ee55be8b9c18d6abc5e4eaad7974904bb
-
SSDEEP
196608:8uVlqZBFGshmB5BFoOWGTjkaU6XqEKBcGl33D5ouEoAoHkh+cowMYGWbRI20:jlq/FH8BHFoOWGybxcGpFVvLkIc+YR+3
Malware Config
Targets
-
-
Target
89475e805f01d2e52093121987c912e5a6134228af6dc0047e6bac0dae9b5b0d
-
Size
9.4MB
-
MD5
674f5e5191d2f25abf6f60dfdf57ca31
-
SHA1
b31d884354ee63ec133a8990dbc58a79ab53c584
-
SHA256
89475e805f01d2e52093121987c912e5a6134228af6dc0047e6bac0dae9b5b0d
-
SHA512
6e61000496e25e56bb6195c8a130e42aa04d1d25cde304cd3294fb1db05e0ea93e4aa0e4a52a1f8b87d16c333d082a4ee55be8b9c18d6abc5e4eaad7974904bb
-
SSDEEP
196608:8uVlqZBFGshmB5BFoOWGTjkaU6XqEKBcGl33D5ouEoAoHkh+cowMYGWbRI20:jlq/FH8BHFoOWGybxcGpFVvLkIc+YR+3
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks whether UAC is enabled
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-