General
-
Target
1.exe
-
Size
299KB
-
Sample
230803-kn81wacd42
-
MD5
ea503ada337d9eb0a65a43df7de04256
-
SHA1
0168df2069b1cce3924cdb29d8be7b46c3b2cdec
-
SHA256
6065cbb9fb0ae29dbdeca23edc1869c329d71fa17cce27daead9fdfec4b48c42
-
SHA512
1b241d77e6642584635add27db901ef04667cb8dc6892797bba6f7ac2e80bb72e7aae5275b9b94f8ad7660da163b2d86526df12d326861cb6697f5370e13bcf5
-
SSDEEP
6144:TQ606x7lsJ88LxX9BLPQtAfFADvrHdwJzYTFETjPPtzETIKZFFRh:368sxX9Jb6fqYTFETjPP+FF5
Static task
static1
Behavioral task
behavioral1
Sample
1.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
1.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
Target
1.exe
-
Score
10/10
-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-