General
Target
59419e255e901c3cb40c19b2ce8d76f73b4e438f44a725feff1f0790262f5604
Size
5.6MB
Sample
240526-ms49lagc28
MD5
cc0cf2bbd5998616172f942049384bec
SHA1
c4521f57838635cb95fe2c9f2390103d6a78c1b9
SHA256
59419e255e901c3cb40c19b2ce8d76f73b4e438f44a725feff1f0790262f5604
SHA512
c4dce7174d8f5aa794cb5d0b77b2dcb7a2ec51c48b82b3eb51e548f105255380484bd60d0461e784ae949fb0948b61777f78ae200301e55a97ca2c00b15d72e7
SSDEEP
98304:EepZnsVti8+46SeIMFhbj1UBQxxVvDKJ65W2DX1v3TghyXvKAaLi:fZnQd+twMFhn1UGxxVv8+lX1v3EhgvKa
Static task
static1
Behavioral task
behavioral1
Sample
59419e255e901c3cb40c19b2ce8d76f73b4e438f44a725feff1f0790262f5604.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
59419e255e901c3cb40c19b2ce8d76f73b4e438f44a725feff1f0790262f5604.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
59419e255e901c3cb40c19b2ce8d76f73b4e438f44a725feff1f0790262f5604
Score
9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Suspicious use of NtSetInformationThreadHideFromDebugger