General
-
Target
53872486f6a0e670c56ea429efbae2f9f10a069d14d2d81d4fe912f93bd93122
-
Size
4.9MB
-
Sample
240629-vxz5fa1hrf
-
MD5
b62faba65f290de7c587f43ebda120ba
-
SHA1
00d59a2df765b389738e5f18e5d6a9aae712efd3
-
SHA256
53872486f6a0e670c56ea429efbae2f9f10a069d14d2d81d4fe912f93bd93122
-
SHA512
49dd1bafdcfc1700bbb450c7f4ccd9e4170c0e7f09efc0d9fb705e3367d4abc3289318ee4c3d58f44b55451d5fb8e8a516ab122963c22d7ded875c6f99f224c2
-
SSDEEP
98304:fgtyjBizTawBjICfmlDeFPgM3I+yxmLZy6+lcX0uj4AV:fgtKBaewWomlSiM3exIZklcku
Static task
static1
Behavioral task
behavioral1
Sample
53872486f6a0e670c56ea429efbae2f9f10a069d14d2d81d4fe912f93bd93122.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
53872486f6a0e670c56ea429efbae2f9f10a069d14d2d81d4fe912f93bd93122.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
53872486f6a0e670c56ea429efbae2f9f10a069d14d2d81d4fe912f93bd93122
-
Size
4.9MB
-
MD5
b62faba65f290de7c587f43ebda120ba
-
SHA1
00d59a2df765b389738e5f18e5d6a9aae712efd3
-
SHA256
53872486f6a0e670c56ea429efbae2f9f10a069d14d2d81d4fe912f93bd93122
-
SHA512
49dd1bafdcfc1700bbb450c7f4ccd9e4170c0e7f09efc0d9fb705e3367d4abc3289318ee4c3d58f44b55451d5fb8e8a516ab122963c22d7ded875c6f99f224c2
-
SSDEEP
98304:fgtyjBizTawBjICfmlDeFPgM3I+yxmLZy6+lcX0uj4AV:fgtKBaewWomlSiM3exIZklcku
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-