General
-
Target
a61c049d022ca9457126e2a1ceff1560N
-
Size
3.9MB
-
Sample
240909-vyrvfssdrf
-
MD5
a61c049d022ca9457126e2a1ceff1560
-
SHA1
54b1d72b96de65e63fd48af84e02fc04d9eb0774
-
SHA256
cb4115953d20fab4cc0c71a99e30a116eb3ee36b4561af26f9c59535dc98c0e6
-
SHA512
c80be4aa6a0bc02d7064749751b3a36b0b74b27b5394d64b3da6bda7c2c19067ac24a64997a9884828beba71a26d3d0f3f2c64bb193535e094d0edbbfd92bec1
-
SSDEEP
49152:w2Uyacbw/7+kYR187LgS0rpSAnpJpsYAaX5uJsQ+fYFRnttxeebcxGrJP8ov/3HP:w75SpSuQ65uJsU0pQrZ823HEOwjAt
Behavioral task
behavioral1
Sample
a61c049d022ca9457126e2a1ceff1560N.exe
Resource
win7-20240708-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-