General
- Target: signdestructionmagenta.exe
- Size: 4.4MB
- Sample: 241104-bxf7sazhkm
- MD5: aab35d4b8bbe147233674dc8de15a96e
- SHA1: 0a140510da51b5f1650b00c00f30d5efc5046615
- SHA256: 82a0f4c583d4e2cf1842d2191ff69bd230d8feacd00cee91fc286c2c2cf30993
- SHA512: 916b5b901a168c336c1ea8143d8054c9b011f2b52b0d21243c5c328777d62ba1b79c4c21b9fe076d2ca7d735c83955ae293555c7108c36c203d731b842dc1a58
- SSDEEP: 98304:W9uFzWJAEekrC2wek4ahWo7u/FsWtn5w+lQxJkGWNg7QOX+2NTzdJD:W4FzqAirJk4ahW6u/FT55w+lQxOG+uQK
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger