General
-
Target
Archive.zip
-
Size
61.0MB
-
Sample
240526-2mse6seg5t
-
MD5
70116103e7553b96c70656be0af4cc8e
-
SHA1
33335c7c4d77a7885a45cda780aaaa43ba22cb8b
-
SHA256
85222b8aa357eaeacf646a333687ee382ac4b4cfdfe44134fd3369763174cb52
-
SHA512
100869eb93392b7acc778ae1af1a076c21170a04a8698495c7792bff2ff00b22fc1795c72e70213c003527f23f20cf2d2d0bb204b5801cb9cc7aa19cebdf529c
-
SSDEEP
1572864:JCEKXwK/K4bHPMbfsVwZTx9PuPl/Fjq1ADsPUyoa+IxDeAsArSZGamr:SXw9AH8jx90Fq1wUNheAPaGf
Malware Config
Targets
-
-
Target
Archive.zip
-
Size
61.0MB
-
MD5
70116103e7553b96c70656be0af4cc8e
-
SHA1
33335c7c4d77a7885a45cda780aaaa43ba22cb8b
-
SHA256
85222b8aa357eaeacf646a333687ee382ac4b4cfdfe44134fd3369763174cb52
-
SHA512
100869eb93392b7acc778ae1af1a076c21170a04a8698495c7792bff2ff00b22fc1795c72e70213c003527f23f20cf2d2d0bb204b5801cb9cc7aa19cebdf529c
-
SSDEEP
1572864:JCEKXwK/K4bHPMbfsVwZTx9PuPl/Fjq1ADsPUyoa+IxDeAsArSZGamr:SXw9AH8jx90Fq1wUNheAPaGf
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-