General
-
Target
662a8d56ec465a96b1251f29c94bee20f3e30bd5a3a632fa3904c42a6840ef00
-
Size
247KB
-
Sample
230116-2vh7gaeh33
-
MD5
ec9bab61ebd369e7da67844842659e21
-
SHA1
e951d295b858224e241bc47446906a49f6ee4717
-
SHA256
662a8d56ec465a96b1251f29c94bee20f3e30bd5a3a632fa3904c42a6840ef00
-
SHA512
d47038cde13d0ce7014f9a1cef0bd43191ca60dfbded8783540bfc558a63f9f60459c34563e3f1cfcc1d3ad279ce319715ba06521568e0868bb8b8cbf64f3cd1
-
SSDEEP
6144:iT4Dt+KsyVTQuVy808j/EP/BhmHbOA7G2DzSK:iTKtVTQur084/BhM/rCK
Static task
static1
Behavioral task
behavioral1
Sample
662a8d56ec465a96b1251f29c94bee20f3e30bd5a3a632fa3904c42a6840ef00.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
662a8d56ec465a96b1251f29c94bee20f3e30bd5a3a632fa3904c42a6840ef00.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
662a8d56ec465a96b1251f29c94bee20f3e30bd5a3a632fa3904c42a6840ef00
Score
10/10
-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-