General

  • Target

    91b8277c1c611c45c7356a79b11bcc0c4005a7d7e98e1b1c1673ed0e54516f37

  • Size

    1.6MB

  • Sample

    241117-qztyzs1fkn

  • MD5

    19de51c9c2789bb92fb92701bd9f47e9

  • SHA1

    773bcdcd55a494921af1d19541ed0f2968cef02c

  • SHA256

    91b8277c1c611c45c7356a79b11bcc0c4005a7d7e98e1b1c1673ed0e54516f37

  • SHA512

    8eacb00c43a3d950a3ed7a4509c8279271be147825a1e73d577ffcec98cc80dd7862bd72a2cf44bf83f81038c809c89c34dbd538e65fa2baccf2ece2fc8b030c

  • SSDEEP

    49152:2h42M+oi4EXpwtIbHoI9apFCcpaSgxNah/N2df2:21Mvi4EXpyIbx9Y5aTIN2c

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks