General
-
Target
ae1479708669562efc37a085bb4c419746774f764351c1aceaceab63b069ce9f
-
Size
4.7MB
-
Sample
240526-n5y4sabb62
-
MD5
9ea46b952ec8ec849dac3d79060e8839
-
SHA1
9953771b997fcc2ba97a26e6176c7df5dcbfdeda
-
SHA256
ae1479708669562efc37a085bb4c419746774f764351c1aceaceab63b069ce9f
-
SHA512
972ec8106898e56eee9cb0531ebeea2936a27176b0840b811ac064fa8f355eaee8f2fa528affc06ecef83d9ea62d8d390a5bbd59c4508e294098b8537a454f13
-
SSDEEP
98304:94hgyCmw2qlA21VAguwgxOYkmOu4CXaOhGSFZlKKFdHAlcF:94ncVAvx7kmOu4CXa+FZl/gl
Static task
static1
Behavioral task
behavioral1
Sample
ae1479708669562efc37a085bb4c419746774f764351c1aceaceab63b069ce9f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ae1479708669562efc37a085bb4c419746774f764351c1aceaceab63b069ce9f.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
ae1479708669562efc37a085bb4c419746774f764351c1aceaceab63b069ce9f
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-