General
-
Target
9117aecbaac91bdbcfdb145379a6df4bd89d4780df8a80590234672e738969daN
-
Size
876KB
-
Sample
241009-lbrrhatdjm
-
MD5
1a1f1c3576be3f6da9b63f4fec653570
-
SHA1
6dc7b1ed8697bf21dd969cc8694053a60c30b4e0
-
SHA256
9117aecbaac91bdbcfdb145379a6df4bd89d4780df8a80590234672e738969da
-
SHA512
44e2b83440d603ba10d88a5a7aa5a70f6a04cbf285107a67cd7e5cb1f88129e8195b2ffc9cac40e9cacea630dcf021626ca8d9d275eeafb6efef04ec144bb3ec
-
SSDEEP
24576:9UV/iyHpJBtclq2AJIf92nwsHJlFUOGuBnxuNTV:9UgepJBtcY2AGWwsHJPUpAINTV
Malware Config
Targets
-
-
Target
9117aecbaac91bdbcfdb145379a6df4bd89d4780df8a80590234672e738969daN
-
Size
876KB
-
MD5
1a1f1c3576be3f6da9b63f4fec653570
-
SHA1
6dc7b1ed8697bf21dd969cc8694053a60c30b4e0
-
SHA256
9117aecbaac91bdbcfdb145379a6df4bd89d4780df8a80590234672e738969da
-
SHA512
44e2b83440d603ba10d88a5a7aa5a70f6a04cbf285107a67cd7e5cb1f88129e8195b2ffc9cac40e9cacea630dcf021626ca8d9d275eeafb6efef04ec144bb3ec
-
SSDEEP
24576:9UV/iyHpJBtclq2AJIf92nwsHJlFUOGuBnxuNTV:9UgepJBtcY2AGWwsHJPUpAINTV
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-