General

  • Target

    1.exe

  • Size

    299KB

  • Sample

    230803-kn81wacd42

  • MD5

    ea503ada337d9eb0a65a43df7de04256

  • SHA1

    0168df2069b1cce3924cdb29d8be7b46c3b2cdec

  • SHA256

    6065cbb9fb0ae29dbdeca23edc1869c329d71fa17cce27daead9fdfec4b48c42

  • SHA512

    1b241d77e6642584635add27db901ef04667cb8dc6892797bba6f7ac2e80bb72e7aae5275b9b94f8ad7660da163b2d86526df12d326861cb6697f5370e13bcf5

  • SSDEEP

    6144:TQ606x7lsJ88LxX9BLPQtAfFADvrHdwJzYTFETjPPtzETIKZFFRh:368sxX9Jb6fqYTFETjPP+FF5

Score
10/10

Malware Config

Targets

    • Target

      1.exe

    • Size

      299KB

    • MD5

      ea503ada337d9eb0a65a43df7de04256

    • SHA1

      0168df2069b1cce3924cdb29d8be7b46c3b2cdec

    • SHA256

      6065cbb9fb0ae29dbdeca23edc1869c329d71fa17cce27daead9fdfec4b48c42

    • SHA512

      1b241d77e6642584635add27db901ef04667cb8dc6892797bba6f7ac2e80bb72e7aae5275b9b94f8ad7660da163b2d86526df12d326861cb6697f5370e13bcf5

    • SSDEEP

      6144:TQ606x7lsJ88LxX9BLPQtAfFADvrHdwJzYTFETjPPtzETIKZFFRh:368sxX9Jb6fqYTFETjPP+FF5

    Score
    10/10
    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks