General
-
Target
66969ac84d6e89fc43c6204653ee0b6bf727fa115f802549e9469027a3dd847e.exe
-
Size
139KB
-
Sample
220514-q5papacdfq
-
MD5
cc280cbaa1cdde9b203348512a594a5d
-
SHA1
c9a6b936c28089bd779d3153056b1d7cbc9d0854
-
SHA256
66969ac84d6e89fc43c6204653ee0b6bf727fa115f802549e9469027a3dd847e
-
SHA512
6677d2096e27d4a810ee4a3bc8070a0829128b008536e18fe4d06511f6cf40ec4698c3f4a1a30afa972471acdf3d220407607fbe98c44bed9f0b4b86e2e758d6
Static task
static1
Behavioral task
behavioral1
Sample
66969ac84d6e89fc43c6204653ee0b6bf727fa115f802549e9469027a3dd847e.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
66969ac84d6e89fc43c6204653ee0b6bf727fa115f802549e9469027a3dd847e.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
66969ac84d6e89fc43c6204653ee0b6bf727fa115f802549e9469027a3dd847e.exe
-
Size
139KB
-
MD5
cc280cbaa1cdde9b203348512a594a5d
-
SHA1
c9a6b936c28089bd779d3153056b1d7cbc9d0854
-
SHA256
66969ac84d6e89fc43c6204653ee0b6bf727fa115f802549e9469027a3dd847e
-
SHA512
6677d2096e27d4a810ee4a3bc8070a0829128b008536e18fe4d06511f6cf40ec4698c3f4a1a30afa972471acdf3d220407607fbe98c44bed9f0b4b86e2e758d6
Score10/10-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-