General
-
Target
62e354972d531d22f1b6c3e5b557978bc54f7da10e95c946c45caa229a195740
-
Size
11.2MB
-
Sample
241003-nc6yxsxckl
-
MD5
5b2a0a0c29debc6d48ac89da3851bb4b
-
SHA1
499cd9a9b1a6c61c70ec088c51f75af062c7cc12
-
SHA256
62e354972d531d22f1b6c3e5b557978bc54f7da10e95c946c45caa229a195740
-
SHA512
37b94a2cb858058941a989b555f25d40ac95eeca7713508eb53e8f8497d49e1c3286e122a72f1e51e7988f811079372763b49b0e8f704292486b205f413ae228
-
SSDEEP
196608:ZXrLSgBfdCeYvVWgDLFArj4OGF6EY7hGIBNT0T2u8WpMj:Zbe0AeuHDhvLFaNfBNru1Mj
Static task
static1
Behavioral task
behavioral1
Sample
62e354972d531d22f1b6c3e5b557978bc54f7da10e95c946c45caa229a195740.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
62e354972d531d22f1b6c3e5b557978bc54f7da10e95c946c45caa229a195740.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
62e354972d531d22f1b6c3e5b557978bc54f7da10e95c946c45caa229a195740
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-