General
-
Target
disk spoofer.exe
-
Size
841KB
-
Sample
241126-bqf87stjgm
-
MD5
e0234b0124913ff987332a30daf9c8aa
-
SHA1
932c901ed2c80ab3fa5c4d20c908a3901736947c
-
SHA256
1539c445b9a5e409cdd483bbdd41b682d43966ff4c9811b2c9294ff17c964ef2
-
SHA512
1379979eb49cb0c5df93ca4855026e69a917292691e0bd1aeb483f34d7f27b909d9ecfc7c23e027f0d1a0855fce7a3780bcd6e8412646ae6945fbe693e1a3946
-
SSDEEP
12288:B1YPOSYOiTn2Tqu+Ox6VPWLV2rqbZAWPKlzQsaOBuv/yVbZu3907mPE7dgRw:GYOisUVPWLmqVASKhQsuv4g3e7+muRw
Static task
static1
Behavioral task
behavioral1
Sample
disk spoofer.exe
Resource
win10ltsc2021-20241023-en
Malware Config
Targets
-
-
Target
disk spoofer.exe
-
Score
9/10
-
Looks for VirtualBox Guest Additions in registry
-
Looks for VMWare Tools registry key
-
.NET Reactor protector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-