General

  • Target

    eec1e082bd9940de0455aca6b4c7d73f2216f612968a4b9fa012b46d4afeb633

  • Size

    751KB

  • Sample

    230803-nxbnhsec4w

  • MD5

    22253513836965fd2d5e0eb0c5878bf5

  • SHA1

    02c6b84240e10c5e921b61640a1542e4e9880bc6

  • SHA256

    eec1e082bd9940de0455aca6b4c7d73f2216f612968a4b9fa012b46d4afeb633

  • SHA512

    dfc29d69cc71cbbee5e174339025ce931d038ffd2521b96ace8532b901f2da4a9cd9b9277babf805312d9b60b7d10dee67f75771b4095dfef00da100263ff6e7

  • SSDEEP

    12288:wqUyPO6sfIg5S6guC6ii9370SseaBREtTzh6aUWkbYtleahPrNC4T6ouo8yE:TW6h0S3O70aZvhUItM4ux
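The hash block above is what you pivot on when you receive a file that may be this sample. The following is an added example (not code from the report or the sandbox) that computes MD5, SHA1, SHA256 and SHA512 of a file in one pass and compares them against the values listed above; the expected hashes are copied from the report, while the helper names and the constructed test inputs are mine. SSDEEP is deliberately left out because Python's standard library does not implement it (it needs a third-party binding such as `ssdeep` or `ppdeep`).

```python
import hashlib
from pathlib import Path

# Hash values taken from the report's General section (751KB sample).
EXPECTED = {
    "md5": "22253513836965fd2d5e0eb0c5878bf5",
    "sha1": "02c6b84240e10c5e921b61640a1542e4e9880bc6",
    "sha256": "eec1e082bd9940de0455aca6b4c7d73f2216f612968a4b9fa012b46d4afeb633",
    "sha512": "dfc29d69cc71cbbee5e174339025ce931d038ffd2521b96ace8532b901f2da4a"
              "9cd9b9277babf805312d9b60b7d10dee67f75771b4095dfef00da100263ff6e7",
}

# Hex digest length -> algorithm, used to classify a pasted IoC before lookup.
_LEN_TO_ALGO = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}


def algorithm_for_hex(value: str):
    """Guess which digest a hex string is by its length; None if not a hex digest."""
    value = value.strip()
    if not value or any(c not in "0123456789abcdefABCDEF" for c in value):
        return None
    return _LEN_TO_ALGO.get(len(value))


def _finish(hashers: dict) -> dict:
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes) -> dict:
    """All four digests of an in-memory buffer (handy for carved or decoded payloads)."""
    hashers = {name: hashlib.new(name) for name in EXPECTED}
    for h in hashers.values():
        h.update(data)
    return _finish(hashers)


def digest_file(path, chunk_size: int = 1 << 20) -> dict:
    """All four digests of a file, streamed in 1 MiB chunks so large samples fit in memory."""
    hashers = {name: hashlib.new(name) for name in EXPECTED}
    with Path(path).open("rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return _finish(hashers)


def verify(actual: dict, expected: dict = EXPECTED) -> dict:
    """Per-algorithm match result against the report, case-insensitive on the hex."""
    return {name: actual.get(name, "").lower() == expected[name].lower()
            for name in expected}


def is_reported_sample(path) -> bool:
    """True only if every digest of the file matches the report."""
    return all(verify(digest_file(path)).values())


if __name__ == "__main__":
    import sys
    for p in sys.argv[1:]:
        print(p, verify(digest_file(p)))
```

If every algorithm matches, you have the exact file the report describes. A partial match (for example SHA256 differs but MD5 agrees) should be treated as a different file, not a variant; the expected result for a genuinely different file is all four comparisons reporting false.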

Score
10/10

Malware Config

Targets

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Checks QEMU agent file

      Checks for the presence of the QEMU guest agent, possibly to detect that it is running in a virtual machine.

    • Loads dropped DLL

      Loads a DLL that the sample itself wrote to disk during the run.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calls NtSetInformationThread with the ThreadHideFromDebugger information class, which stops the thread from reporting debug events to an attached debugger.

    • Suspicious use of SetThreadContext

      Rewrites another thread's register context, a common way to redirect execution into injected code.
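The four behavioural signatures above are each a rule over the API trace the sandbox recorded. As an added example (my code, not the sandbox's signature engine), the block below re-implements those rules over a constructed API-call log so you can see what each one keys on: a file-attribute query for the QEMU guest agent, NtSetInformationThread with the ThreadHideFromDebugger class (0x11), any SetThreadContext/NtSetContextThread call, and a DLL load whose path the same process previously wrote. The event schema, the API-name sets, the qemu-ga path and the sample events are assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass, field

# ThreadHideFromDebugger information class for NtSetInformationThread is 0x11;
# once set, the thread no longer generates debug events.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# File names associated with the QEMU guest agent. The exact path the sample
# probes is not given in the report, so this pattern is an assumption.
QEMU_AGENT_RE = re.compile(r"(qemu-ga|\bqga\b)", re.IGNORECASE)

# Assumed API groupings for the constructed trace format below.
FILE_PROBE_APIS = {"NtQueryAttributesFile", "NtOpenFile", "NtCreateFile",
                   "GetFileAttributesW", "CreateFileW"}
FILE_WRITE_APIS = {"NtWriteFile", "WriteFile"}
DLL_LOAD_APIS = {"LoadLibraryW", "LoadLibraryExW", "LdrLoadDll"}
CONTEXT_APIS = {"SetThreadContext", "NtSetContextThread"}


@dataclass
class ApiEvent:
    pid: int
    api: str
    args: dict = field(default_factory=dict)


def match_signatures(events):
    """Return the set of report-style signature names triggered by an API trace."""
    hits = set()
    written_by_pid = {}  # pid -> lower-cased paths that process wrote to disk
    for ev in events:
        path = str(ev.args.get("FileName", "")).lower()

        # Remember files the process writes; a later load of one of them is a "dropped DLL".
        if ev.api in FILE_WRITE_APIS and path:
            written_by_pid.setdefault(ev.pid, set()).add(path)

        if ev.api in FILE_PROBE_APIS and QEMU_AGENT_RE.search(path):
            hits.add("Checks QEMU agent file")

        if ev.api in DLL_LOAD_APIS and path in written_by_pid.get(ev.pid, set()):
            hits.add("Loads dropped DLL")

        if (ev.api == "NtSetInformationThread"
                and ev.args.get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER):
            hits.add("Suspicious use of NtSetInformationThreadHideFromDebugger")

        if ev.api in CONTEXT_APIS:
            hits.add("Suspicious use of SetThreadContext")
    return hits


# Constructed trace resembling what a sandbox would log for this sample's behaviour.
SAMPLE_EVENTS = [
    ApiEvent(1234, "NtQueryAttributesFile",
             {"FileName": r"C:\Program Files\qemu-ga\qemu-ga.exe"}),
    ApiEvent(1234, "NtSetInformationThread",
             {"ThreadHandle": -2, "ThreadInformationClass": 0x11}),
    ApiEvent(1234, "NtWriteFile",
             {"FileName": r"C:\Users\Admin\AppData\Local\Temp\stage.dll"}),
    ApiEvent(1234, "LoadLibraryW",
             {"FileName": r"C:\Users\Admin\AppData\Local\Temp\stage.dll"}),
    ApiEvent(1234, "SetThreadContext", {"ThreadHandle": 0x1C4}),
]

# Constructed benign trace: a normal system DLL load and a harmless thread-info call.
BENIGN_EVENTS = [
    ApiEvent(4321, "LoadLibraryW", {"FileName": r"C:\Windows\System32\kernel32.dll"}),
    ApiEvent(4321, "NtSetInformationThread", {"ThreadInformationClass": 0x0}),
]

if __name__ == "__main__":
    for name in sorted(match_signatures(SAMPLE_EVENTS)):
        print(name)
```

The "Loads dropped DLL" rule here correlates only within one process; shellcode loaders of this kind frequently write a file from one process and load it from an injected or spawned one, so a production rule should track writes across the whole process tree. The SetThreadContext rule is intentionally broad: on its own the call is legitimate (debuggers and some runtimes use it), which is why the report labels it "suspicious" rather than malicious and scores it together with the other indicators.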

MITRE ATT&CK Enterprise v15

Tasks