Resubmissions
26/10/2022, 15:48
221026-s8611sgbd7 7General
-
Target
5eb6f40321075392ebdeca3c270b0d41f3a338bb0cc293ab37baa88c6e9142bf
-
Size
652KB
-
Sample
221026-s8611sgbd7
-
MD5
b22b9ddc22199e16c056ec2e877f7713
-
SHA1
d4326864f2f9b71a8eb8838f97e5a60b40129090
-
SHA256
5eb6f40321075392ebdeca3c270b0d41f3a338bb0cc293ab37baa88c6e9142bf
-
SHA512
3f3922483ce192da11bb5a2c0291614284ccdae904577154f962a9dd9c863c96d1a17047cbf078e9d4b4f4fddcf42076754cad2854f1494dd074d3f0b5bc6c69
-
SSDEEP
12288:TOiToJJCtSYpKrir+duA1hc/3395KcZnY4UKwp7hqq:T1Sg1+ccH16F4cUN6q
Malware Config
Targets
-
-
Target
5eb6f40321075392ebdeca3c270b0d41f3a338bb0cc293ab37baa88c6e9142bf
-
Size
652KB
-
MD5
b22b9ddc22199e16c056ec2e877f7713
-
SHA1
d4326864f2f9b71a8eb8838f97e5a60b40129090
-
SHA256
5eb6f40321075392ebdeca3c270b0d41f3a338bb0cc293ab37baa88c6e9142bf
-
SHA512
3f3922483ce192da11bb5a2c0291614284ccdae904577154f962a9dd9c863c96d1a17047cbf078e9d4b4f4fddcf42076754cad2854f1494dd074d3f0b5bc6c69
-
SSDEEP
12288:TOiToJJCtSYpKrir+duA1hc/3395KcZnY4UKwp7hqq:T1Sg1+ccH16F4cUN6q
Score7/10-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-