General
-
Target
7652e33d723436edfc8b307c186a63fb4278a468d41248e24d257c9ebf77953e
-
Size
2.0MB
-
Sample
240627-22pb3azapm
-
MD5
b1b0b54f2f25c2928ad601fa72201e89
-
SHA1
91a25e8a116c45d6fa9779962a4521d1321bbec7
-
SHA256
7652e33d723436edfc8b307c186a63fb4278a468d41248e24d257c9ebf77953e
-
SHA512
da77ce72a7f6a8d48cd7e0d69d63a2eb19ea4984282df983ec0dd376871e79e3ef16e4bab49d8572ea8b974c52b437419ec4e597ac9905da64d147ed5f68a294
-
SSDEEP
49152:mEVty8+mt58XSc7x+5h85nPLdLfnsdrSuAiN5u1ga+bp9GfYnu/BBkf4:3VrCCcF+D2LdLWPnCg7p9IYy44
Malware Config
Targets
-
-
Target
7652e33d723436edfc8b307c186a63fb4278a468d41248e24d257c9ebf77953e
-
Size
2.0MB
-
MD5
b1b0b54f2f25c2928ad601fa72201e89
-
SHA1
91a25e8a116c45d6fa9779962a4521d1321bbec7
-
SHA256
7652e33d723436edfc8b307c186a63fb4278a468d41248e24d257c9ebf77953e
-
SHA512
da77ce72a7f6a8d48cd7e0d69d63a2eb19ea4984282df983ec0dd376871e79e3ef16e4bab49d8572ea8b974c52b437419ec4e597ac9905da64d147ed5f68a294
-
SSDEEP
49152:mEVty8+mt58XSc7x+5h85nPLdLfnsdrSuAiN5u1ga+bp9GfYnu/BBkf4:3VrCCcF+D2LdLWPnCg7p9IYy44
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-