General
Target: SecuriteInfo.com.Variant.Zusy.551321.399.736.dll
Size: 4.7MB
Sample: 240610-npep7shc3v
MD5: 2d50abb15c4fbb426826c2bd0dfdaf61
SHA1: 3a62a420cd8ba2dffa40ebcdf311205c5b76b0a4
SHA256: 6d456977f4d338c27ace3a30a24d10959c27101326bb015300059ed5ca6f57b8
SHA512: eea037d213d738b2855c7bf7469d8ad26afa47f6220ae655c18a83b56144357e77a004fdf92405209bc56cdc8fd79a40f0119d96fd7c8281cbe40ffb8ebcc8c5
SSDEEP: 98304:/vJn7kuoqbKUPStwdHdWa+u+j0p9G7p47uolu4Jc4AqKnnCElfza8/a2bxuH:HN7aqbK9wHsuIPapuccSenCUfG4G
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Variant.Zusy.551321.399.736.dll
Resource: win7-20240508-en
Malware Config
Targets
Target: SecuriteInfo.com.Variant.Zusy.551321.399.736.dll
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger