General
-
Target
9f519224276c0c834391f58cda26e38fd0d815886dbdff8ef474b48b622850c6.exe
-
Size
7.1MB
-
Sample
240726-fgkx9a1aja
-
MD5
4188b3fd389f42a48af819aeb29b7540
-
SHA1
06a0285f16661265ec9b558e89118aab65fd5dd4
-
SHA256
9f519224276c0c834391f58cda26e38fd0d815886dbdff8ef474b48b622850c6
-
SHA512
f3c01bfb661c663d4400680b7cd0ddcb6b64d97cfd7f6a7ea23d4bf28598cb41eabf73fcc3188337c1e476c78128e8b8456ac9891785d0efc8d878dd436a6027
-
SSDEEP
98304:UKBDeQ1Uk09IWIiFFIChrp7aG5yu/n1OVjv/nUBPHSFjQsBK9dpDHKBC9VPGRVvC:UMl1WFIClp735y2nIJMYp72NH39
Static task
static1
Behavioral task
behavioral1
Sample
9f519224276c0c834391f58cda26e38fd0d815886dbdff8ef474b48b622850c6.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
9f519224276c0c834391f58cda26e38fd0d815886dbdff8ef474b48b622850c6.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
9f519224276c0c834391f58cda26e38fd0d815886dbdff8ef474b48b622850c6.exe
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-