General
-
Target
Acunetix Premium Activation Tool.exe
-
Size
18.8MB
-
Sample
240617-ybxzqsvhmn
-
MD5
c293cb22c0388f1c5b7b4c4ec1effed5
-
SHA1
eba739ec881399d858190ba8bf3633bfd687b5da
-
SHA256
5667c295937875449f940c1866b2d6f5798d01897e71e65eb09dc5542758c2f9
-
SHA512
59aef59bbff86d163756bce4311ff9e818612c44df6e95f33dd1000b3cb096d4d9e9d211de2e982da965754e84942ea12772a292af0972060ac466b55a79a431
-
SSDEEP
393216:E+YEtEGt1AeYV9aseOCBFzSHOUWq+BVNG+15m9YpMFvDLUEcP:J2V9aseOCD7LqEXmGAv3UEI
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Drops file in Drivers directory
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of NtSetInformationThreadHideFromDebugger