General
- Target: tmp
- Size: 420KB
- Sample: 230711-rme5qsae8v
- MD5: 601f2b22a16a96c9ddaae24e2c5611f2
- SHA1: cc7e8c661cecd541b5134cf06011031dd164c58a
- SHA256: 8c63c1e28683c7aa90cb40df346fe1d5dbc3b2bd994cd883cd7e551518486098
- SHA512: 12dcf65c54e2d647ae90a0433a22d70e0fa6624ea524a72ad2b4ca635cad92961a6a6d341b228733ba0b477bcbda54d31545916daec51d3ff178b27d0d8ce7c7
- SSDEEP: 6144:kC2guh2RGxfWgrfXQi12xMhtj3+z0N+Y9uVza:fY2sxuUfXB2xMfbsS+YsVza
Static task: static1
Behavioral task: behavioral1
- Sample: tmp.exe
- Resource: win7-20230703-en
Behavioral task: behavioral2
- Sample: tmp.exe
- Resource: win10v2004-20230703-en
Malware Config
Targets
- Target: tmp (size and hashes as listed under General)
Score: 10/10
- Checks QEMU agent file: checks presence of QEMU agent, possibly to detect virtualization.
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext