General

  • Target

    Solicitud de Cotización (Universidad Autónoma de Centroamérica costa Rica)·pdf.exe

  • Size

    1.5MB

  • Sample

    230804-fej8yahe99

  • MD5

    a7154fc76746640a74a084b384a73167

  • SHA1

    3537207cdb5727d0becbf746b993d6930e497416

  • SHA256

    f8de8a1c7444291f99f4ee2f1e2fe81ca27d2b1b195705a7dba0219b66961db6

  • SHA512

    f2f038ba384a5532a0b2ae3f9ab7a81c59bfcec05bf24fbfe025c23d80e7babdb93567d65eaba82719973b77228aea825a2ca79183437d66b6f923c7a3678cd9

  • SSDEEP

    24576:3y8I5+eb8yxWHy9+9tLFOk7UVvT/WNQY97gGLkZAZoHTzXFYx6hJQFfazuTovJRI:nUB/WmY97gY84onVu66f7zLDwWKMkU

Score
10/10

Malware Config

Targets

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks