General

  • Target

    456bb5d99b1e13786f54721c5894aa2c294c36f4bf8a65b4288071177a7dbc4bN

  • Size

    4.4MB

  • Sample

    241031-kwq52avgjh

  • MD5

    4948571abbf6140b2eb8a55421f58ef0

  • SHA1

    c88f731f06bdc5a7fdf0a62c0e87a3de0e116447

  • SHA256

    456bb5d99b1e13786f54721c5894aa2c294c36f4bf8a65b4288071177a7dbc4b

  • SHA512

    302a9c483f70ba177d5096c06437df2e1364798dc40a6599aeb9358b3ce6b46242ea029159dc2fe16283c75a621e441cbc23e8ea38708581a9c72cd8656e9abf

  • SSDEEP

    98304:pZpcaxfghw5XKxSO7EvfrJ2l28ZIWu6HaeVapQytK6RHOm+:6axfguJvfVoIW2eVapQMRk

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks