General
-
Target
eec1e082bd9940de0455aca6b4c7d73f2216f612968a4b9fa012b46d4afeb633
-
Size
751KB
-
Sample
230803-nxbnhsec4w
-
MD5
22253513836965fd2d5e0eb0c5878bf5
-
SHA1
02c6b84240e10c5e921b61640a1542e4e9880bc6
-
SHA256
eec1e082bd9940de0455aca6b4c7d73f2216f612968a4b9fa012b46d4afeb633
-
SHA512
dfc29d69cc71cbbee5e174339025ce931d038ffd2521b96ace8532b901f2da4a9cd9b9277babf805312d9b60b7d10dee67f75771b4095dfef00da100263ff6e7
-
SSDEEP
12288:wqUyPO6sfIg5S6guC6ii9370SseaBREtTzh6aUWkbYtleahPrNC4T6ouo8yE:TW6h0S3O70aZvhUItM4ux
Static task
static1
Behavioral task
behavioral1
Sample
eec1e082bd9940de0455aca6b4c7d73f2216f612968a4b9fa012b46d4afeb633.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
eec1e082bd9940de0455aca6b4c7d73f2216f612968a4b9fa012b46d4afeb633.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
eec1e082bd9940de0455aca6b4c7d73f2216f612968a4b9fa012b46d4afeb633
-
Score
10/10
-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-