General
-
Target
ab85d237bee85a4e9d28f837e04d0d45ce410705e2dbdbe7c6c64f7716614d0a.exe
-
Size
348KB
-
Sample
230712-hdt3vsdc3t
-
MD5
ae340bfc442660f131a75fff9f357219
-
SHA1
69c627c851f0064e5209431882fda6dbf68fb701
-
SHA256
ab85d237bee85a4e9d28f837e04d0d45ce410705e2dbdbe7c6c64f7716614d0a
-
SHA512
c136324746bf2690131c98fc1e866c941d78ccc72d1f58e757312f3772c6ac9c62384933d571dfc5958b7a12eb7d34a164c796c537974fbff6764d9d19d72b51
-
SSDEEP
6144:NhtyHU3lxVrDN4pAmdoDimE+6TK5j4D/2d4Q4SOCBazg95ccbsc+sbiuiJ:NhrrDqpAmCDi06TK5j40kSOCEk9dsfsO
Static task
static1
Behavioral task
behavioral1
Sample
ab85d237bee85a4e9d28f837e04d0d45ce410705e2dbdbe7c6c64f7716614d0a.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
ab85d237bee85a4e9d28f837e04d0d45ce410705e2dbdbe7c6c64f7716614d0a.exe
-
Score
10/10
-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-