General
-
Target
veax_protected.exe
-
Size
3.8MB
-
Sample
240630-3ws9hasgpj
-
MD5
386428b81e1a52e63f688e9ed323d066
-
SHA1
bd94ce6bd113d2f1b69af81244b268fda9d99160
-
SHA256
91bd58996da4433a6ce296547bea69861478b653117315831bfd825b2e4e0d3a
-
SHA512
d5b0d98a981f7ee2571ed2b4ed3932c71c0629676e9bbb7e3e457a347f029f1abe43b951c7e9430f0afc9f06bc886f28b198a828a837a2fd98fe5758ae35f15a
-
SSDEEP
49152:tI7WUD3/Bu/mJiKNUyGy8lPO3dpFwvq8zZ9TMit9nXIALJ95Z+0dVgBreCdz3xo2:tuvJiAGytb8Xpt9ICJ95BdVgJ1CH7Glj
Behavioral task
behavioral1
Sample
veax_protected.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
veax_protected.exe
-
Size
3.8MB
-
MD5
386428b81e1a52e63f688e9ed323d066
-
SHA1
bd94ce6bd113d2f1b69af81244b268fda9d99160
-
SHA256
91bd58996da4433a6ce296547bea69861478b653117315831bfd825b2e4e0d3a
-
SHA512
d5b0d98a981f7ee2571ed2b4ed3932c71c0629676e9bbb7e3e457a347f029f1abe43b951c7e9430f0afc9f06bc886f28b198a828a837a2fd98fe5758ae35f15a
-
SSDEEP
49152:tI7WUD3/Bu/mJiKNUyGy8lPO3dpFwvq8zZ9TMit9nXIALJ95Z+0dVgBreCdz3xo2:tuvJiAGytb8Xpt9ICJ95BdVgJ1CH7Glj
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-