General
-
Target
114a7efb95ce3d5b35a36781755d02ad1ef8de4620369416ac62580789d1d85e.exe
-
Size
1.2MB
-
Sample
230110-pkgjnsbg21
-
MD5
af1396ae6de9b21c65208759f351072c
-
SHA1
d5d206e5de775ccd65a7fd676491c1723d6439cd
-
SHA256
114a7efb95ce3d5b35a36781755d02ad1ef8de4620369416ac62580789d1d85e
-
SHA512
639f343b4fdd43d762d7b037a9307dbba3675fd060610e4181cfd192cf06aa92b77116f73bdf5e205804a3ebe75bf99030541090eb583adc206e7eac5a5fcac5
-
SSDEEP
24576:/utJ4VSJli1SxaG8iP1xlrHJq/O8ixgkjtUqg+LXg17nPQZ7lRNGhs+dZqI/VSkU:5gb2SxwaRrHJiO8ixgkrnLk7CBCZqSVo
Static task
static1
Behavioral task
behavioral1
Sample
114a7efb95ce3d5b35a36781755d02ad1ef8de4620369416ac62580789d1d85e.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
114a7efb95ce3d5b35a36781755d02ad1ef8de4620369416ac62580789d1d85e.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
114a7efb95ce3d5b35a36781755d02ad1ef8de4620369416ac62580789d1d85e.exe
-
Score
10/10
-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-