General
-
Target
9a354bbb1c279d63e20bd628de5f57ebead58cd054ca40a75a44f0aa1e07b11d
-
Size
6.2MB
-
Sample
241031-lbgxaswaka
-
MD5
5ca1e0cd0aecaf26133a6a676e5a6455
-
SHA1
93f215b5c7e23a1c2161f79477596938fd95e91d
-
SHA256
9a354bbb1c279d63e20bd628de5f57ebead58cd054ca40a75a44f0aa1e07b11d
-
SHA512
66bd94bbdb02260021d1fd34fae3826ae3a16027073a2c903e8c6353dc9f166694073579328ba89afef8051ad829f4e5f8c71a3ee0072dd7153399cba441ab9f
-
SSDEEP
196608:OIfICkWQIIxtRB/56GlZOyJI+UFw2Wu/i8j7I:LfICksWP/MGlZrIFw0NfI
Static task
static1
Behavioral task
behavioral1
Sample
9a354bbb1c279d63e20bd628de5f57ebead58cd054ca40a75a44f0aa1e07b11d.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9a354bbb1c279d63e20bd628de5f57ebead58cd054ca40a75a44f0aa1e07b11d.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
9a354bbb1c279d63e20bd628de5f57ebead58cd054ca40a75a44f0aa1e07b11d
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-