General
-
Target
197c2d218121ff0ec738f5d301bf13b7824320c07942b99c9f278e8d7508b15d.exe
-
Size
3.2MB
-
Sample
241101-vp753svkdk
-
MD5
885a317f0e6471b48210a165fa878af7
-
SHA1
0beccc1ab4baa6ae9c9a735ecc0719b75031c394
-
SHA256
197c2d218121ff0ec738f5d301bf13b7824320c07942b99c9f278e8d7508b15d
-
SHA512
6e017371d637ddfd56229cc7ba2da4285b9ab3e6891d11c5b27ff784bcf5063ae1dcc65b51e1445944ae12df1d72791a485f365776ccd245b2a03bde1c05ca08
-
SSDEEP
98304:Ol2fRAinZNWMWvrcRoJfr0zVVQrY92iVzc/JFUhdM:M/iZNXWTc5zXQkfI/Ah6
Malware Config
Targets
-
-
Target
197c2d218121ff0ec738f5d301bf13b7824320c07942b99c9f278e8d7508b15d.exe
-
Size
3.2MB
-
MD5
885a317f0e6471b48210a165fa878af7
-
SHA1
0beccc1ab4baa6ae9c9a735ecc0719b75031c394
-
SHA256
197c2d218121ff0ec738f5d301bf13b7824320c07942b99c9f278e8d7508b15d
-
SHA512
6e017371d637ddfd56229cc7ba2da4285b9ab3e6891d11c5b27ff784bcf5063ae1dcc65b51e1445944ae12df1d72791a485f365776ccd245b2a03bde1c05ca08
-
SSDEEP
98304:Ol2fRAinZNWMWvrcRoJfr0zVVQrY92iVzc/JFUhdM:M/iZNXWTc5zXQkfI/Ah6
Score9/10-
Enumerates VirtualBox registry keys
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Looks for VirtualBox Guest Additions in registry
-
Looks for VMWare Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-