General

  • Target

    8936abb901524889b3a563cd5359d391.bin

  • Size

    4.4MB

  • Sample

    240609-eekc9sea34

  • MD5

    8936abb901524889b3a563cd5359d391

  • SHA1

    1b8ad90200372ed69502a7b2810851c4f78b0e53

  • SHA256

    771ffbb58bbdb1036b238be0b81d300cd9c567247f1b0e24b8f249f66ebcd175

  • SHA512

    05555a72bf806a2bee252c08b444c475bf4df1e5bc0139c6df0cee053f0f3ceada3c7b08ade3d8b200036b94d535b8a8f968ccccaef24b5d9a9ff269d0de6b3e

  • SSDEEP

    98304:Yv1OWXI6ORJElNBLsF6OHyKQtegsAl+9mylbv9uu95x0sD:wdy0Nk6OHyKee9zFuuZ

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks