General
-
Target
4eeb99843fd24dbf40fa096241c6445f40833f2139d39ca99edf39babb47d6af
-
Size
7.1MB
-
Sample
240701-qp4ensxenj
-
MD5
651534aa08ba57dd3b06d3c7e920f2fb
-
SHA1
be378336ddbab5095deb85927788a094c9bddb2c
-
SHA256
4eeb99843fd24dbf40fa096241c6445f40833f2139d39ca99edf39babb47d6af
-
SHA512
54036127b49b6834d1e25e40851397b5e84fc19f4443e9390d94663e7a8543dd9cb038980b25b6354df76060034e77e7f4afd203d188ff92f31c3bae4e4068dd
-
SSDEEP
196608:vOG/hjInbVceDdTxVKEj4E9IFwAJcTWB9JxG+2zKF:vOKhjGR0C9OwBdHzK
Malware Config
Targets
-
-
Target
4eeb99843fd24dbf40fa096241c6445f40833f2139d39ca99edf39babb47d6af
-
Size
7.1MB
-
MD5
651534aa08ba57dd3b06d3c7e920f2fb
-
SHA1
be378336ddbab5095deb85927788a094c9bddb2c
-
SHA256
4eeb99843fd24dbf40fa096241c6445f40833f2139d39ca99edf39babb47d6af
-
SHA512
54036127b49b6834d1e25e40851397b5e84fc19f4443e9390d94663e7a8543dd9cb038980b25b6354df76060034e77e7f4afd203d188ff92f31c3bae4e4068dd
-
SSDEEP
196608:vOG/hjInbVceDdTxVKEj4E9IFwAJcTWB9JxG+2zKF:vOKhjGR0C9OwBdHzK
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-