General
Target: 363b7aaa875c65c3c134a3c2051a4bd8fa5a9a1376597609f95a43b219e56bd3exe_JC.exe
Size: 332KB
Sample: 230803-s8pfzaea57
MD5: bd5b02844aa6410f0369e0b07fcffcb3
SHA1: a87a1ba2cda550b43502a3afcb355f59e86a9ca4
SHA256: 363b7aaa875c65c3c134a3c2051a4bd8fa5a9a1376597609f95a43b219e56bd3
SHA512: b6138b0e06a8aa86b37a9f6941e195626ac13c1cd8f7ae8719929489d3906d1df20c151519f287d3d73e8115be98bd03e00fda722386b64579b88bb02e254ddc
SSDEEP: 6144:NQ606x3uwBN3FrNRm9vtTpd0NZtQQnS0EKlsT6JIyy8T:nhBNM0pEMsT6By8T
Static task: static1
Behavioral task: behavioral1
Sample: 363b7aaa875c65c3c134a3c2051a4bd8fa5a9a1376597609f95a43b219e56bd3exe_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 363b7aaa875c65c3c134a3c2051a4bd8fa5a9a1376597609f95a43b219e56bd3exe_JC.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Score: 10/10
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext