General
-
Target
7b3f86198fc47ee9e67c1d8c21983e27.bin
-
Size
11.6MB
-
Sample
240702-bzhtds1gpa
-
MD5
a11e5e8b1c4d455be5c467087351be2c
-
SHA1
ca5bca6d8d0dd33b357d908b904ee968553e6846
-
SHA256
90ccad4fb924e2ba7c0dd864a5a640351a4732bf4d0b398b6dfb583ddd9ddeb1
-
SHA512
6836e0973cdc261bb18c517171b9338f1328da1f7c638559385ecbea4b56db96b07a377ea99659279f8717fa540105cdb03cca4fc4f795e17fec811c4f5981a3
-
SSDEEP
196608:8I3u37imMALbU78CIaDB4w6WXEIlVvNeBHbwTjEKlhiX06ZyG2aVpVimUPXaxePR:88ubMAE8CHD6/WXEIDQBH0jBlIf9t8/7
Malware Config
Targets
-
-
Target
e039f173ff60e01ef93b5c26b5872eb45f0cdbd9997b52d8eba7ed216da3f4df.exe
-
Size
11.6MB
-
MD5
7b3f86198fc47ee9e67c1d8c21983e27
-
SHA1
a7aedf26db9589249061062b2ec416f6d870d90c
-
SHA256
e039f173ff60e01ef93b5c26b5872eb45f0cdbd9997b52d8eba7ed216da3f4df
-
SHA512
0051ef056da1d6146859fccf746857fe58b4c69fc5b9194a4b0dfc111c11c999c61134d0bbb0865cefcd11c049b0ff82beebd9d95608b7c4f6febcf9d2eec1cc
-
SSDEEP
196608:1geUq7E5uQdhBhLgJ/vIxOYT3Lc7vHnDqnHqMGPS+r1okHWQTps+SbnN4Lps8W+x:VEg6lgJXIx7T34bHDqnKMASu19WAcbn0
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-