General
-
Target
3c25d45a330f1dadac0527f9ddbd526e830b1515bf6e9b7302dd228576185559
-
Size
5.2MB
-
Sample
250328-mfcc2swqx3
-
MD5
228c840e73206cf6e00666c83bc0dda1
-
SHA1
d2738e67e98c07e9ae43015364f74f0f68f40316
-
SHA256
3c25d45a330f1dadac0527f9ddbd526e830b1515bf6e9b7302dd228576185559
-
SHA512
280f4849abd2a1d2348a05d9d2131d576a668b7d63638cabab69d26783a54a29b4937e3e9d76e40c6720e383737f969fb1cae71107766b1f7913535e121bbae1
-
SSDEEP
98304:WF4C6Z+1AWh44x0fIsRy+9SGX3XYuZIEmFWLIAUchvIDHeU7kTTpLz:w641e4xkK+9hnXNnjAiU7STpLz
Malware Config
Targets
-
-
Target
3c25d45a330f1dadac0527f9ddbd526e830b1515bf6e9b7302dd228576185559
-
Size
5.2MB
-
MD5
228c840e73206cf6e00666c83bc0dda1
-
SHA1
d2738e67e98c07e9ae43015364f74f0f68f40316
-
SHA256
3c25d45a330f1dadac0527f9ddbd526e830b1515bf6e9b7302dd228576185559
-
SHA512
280f4849abd2a1d2348a05d9d2131d576a668b7d63638cabab69d26783a54a29b4937e3e9d76e40c6720e383737f969fb1cae71107766b1f7913535e121bbae1
-
SSDEEP
98304:WF4C6Z+1AWh44x0fIsRy+9SGX3XYuZIEmFWLIAUchvIDHeU7kTTpLz:w641e4xkK+9hnXNnjAiU7STpLz
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-