General
-
Target
Cobaltbghdbghich11_browsingExe.exe
-
Size
1.1MB
-
Sample
230802-wthawshh51
-
MD5
4dcc8b1dd2b3895dd93526c6c9f3ac47
-
SHA1
36dbd2bd1090b5eb1acbf44663bc7ebe9a82a66c
-
SHA256
3d0fd0444a9e295135ecfdc8c87ddc6dcdff63969c745e0218469332aef18dfe
-
SHA512
9015f51aa639c86e49b42ed3f7d6dbc71f26563c4313e5c90fd19c0e32fc4cd917d3e368a0db981a6fede04c08a4c19c766c0bda8d7fb6516461ae1093bfa331
-
SSDEEP
24576:+NY2wPzlsdAtgC5kg3VsuhTU2XQAWZ1n4D:Oj+XknuhThSnW
Static task
static1
Behavioral task
behavioral1
Sample
Cobaltbghdbghich11_browsingExe.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
Cobaltbghdbghich11_browsingExe.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
Target
Cobaltbghdbghich11_browsingExe.exe
-
Score
10/10
-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-