General
-
Target
1b8bf38e83c31c76c7dd00088ac0922d
-
Size
1.6MB
-
Sample
211228-vqvw5sead5
-
MD5
1b8bf38e83c31c76c7dd00088ac0922d
-
SHA1
1bc87682b1518b398ee7eacc4c8e4370b18d359e
-
SHA256
25cd127b9d559d6754269ecc116d35be66aca027640bcd71a836567c32b946c5
-
SHA512
8e36767cc8a6967303e50ff4ec324ca4457503a8ed0c68eab5da1d4c0e3ced9d95a0697649a4ef762463c930d78e4751a990801491f11ed3ae26db30169ac6b3
Malware Config
Targets
-
-
Target
1b8bf38e83c31c76c7dd00088ac0922d
-
Size
1.6MB
-
MD5
1b8bf38e83c31c76c7dd00088ac0922d
-
SHA1
1bc87682b1518b398ee7eacc4c8e4370b18d359e
-
SHA256
25cd127b9d559d6754269ecc116d35be66aca027640bcd71a836567c32b946c5
-
SHA512
8e36767cc8a6967303e50ff4ec324ca4457503a8ed0c68eab5da1d4c0e3ced9d95a0697649a4ef762463c930d78e4751a990801491f11ed3ae26db30169ac6b3
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-