General
-
Target
0c05f591e3937b35c2e54129cac4ea792d4bb5405a82ff392151bec6b612d3a8
-
Size
2.9MB
-
Sample
240929-y9mxessgra
-
MD5
524e0509aef7b1b6756c4b65875b7f6f
-
SHA1
5c497efaa2603c2cce1f2ac127aadd1dd4a2faf8
-
SHA256
0c05f591e3937b35c2e54129cac4ea792d4bb5405a82ff392151bec6b612d3a8
-
SHA512
229c5052589e56cedcecc13113c7c584fad86413aae52d9f4cb405f7a50eb0a3b3eb642e8423c4c977cd04d70311d0837f95060028b8de640e726f24dc102e91
-
SSDEEP
49152:Fsq0oSB0m/qgoIoIvKsKTlFMCco50U8ku+aNq0dbp0nZOSxL8CH1g0t7A04Z9GT:q3B0m/qgoIoIvKsuuCL0U8hq0dOnZOSe
Malware Config
Targets
-
-
Target
0c05f591e3937b35c2e54129cac4ea792d4bb5405a82ff392151bec6b612d3a8
-
Size
2.9MB
-
MD5
524e0509aef7b1b6756c4b65875b7f6f
-
SHA1
5c497efaa2603c2cce1f2ac127aadd1dd4a2faf8
-
SHA256
0c05f591e3937b35c2e54129cac4ea792d4bb5405a82ff392151bec6b612d3a8
-
SHA512
229c5052589e56cedcecc13113c7c584fad86413aae52d9f4cb405f7a50eb0a3b3eb642e8423c4c977cd04d70311d0837f95060028b8de640e726f24dc102e91
-
SSDEEP
49152:Fsq0oSB0m/qgoIoIvKsKTlFMCco50U8ku+aNq0dbp0nZOSxL8CH1g0t7A04Z9GT:q3B0m/qgoIoIvKsuuCL0U8hq0dOnZOSe
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-