General

  • Target

    BOQ Materials Needed.exe

  • Size

    287KB

  • Sample

    230808-l8g9bsbh26

  • MD5

    4eb1b441c860c71708794b28c87b9c08

  • SHA1

    35625513075c4525445b50506fc64450be40cf5a

  • SHA256

    10d2e26e7fd2141f3a41f907b3be1a6ae8778ba8e39f3b485ead152956ac0d43

  • SHA512

    433ac1a6eac3ba7572dbb13028f1713e730d294fe0f6a70f44849bb771b27cf788688e46befefdbe076cbb73d8408cb2996555fe6b8bdfa7c6205f18139ee96d

  • SSDEEP

    6144:7zAJFDDsenq/rB0ecpgKGY1S33cuFy9FakHT5EzjwgB7xMiSy9K:vCjnqldKGY1A3cN9lz5EogBliX

Score
10/10

Malware Config

Targets

    • Target

      BOQ Materials Needed.exe

    • Size

      287KB

    • MD5

      4eb1b441c860c71708794b28c87b9c08

    • SHA1

      35625513075c4525445b50506fc64450be40cf5a

    • SHA256

      10d2e26e7fd2141f3a41f907b3be1a6ae8778ba8e39f3b485ead152956ac0d43

    • SHA512

      433ac1a6eac3ba7572dbb13028f1713e730d294fe0f6a70f44849bb771b27cf788688e46befefdbe076cbb73d8408cb2996555fe6b8bdfa7c6205f18139ee96d

    • SSDEEP

      6144:7zAJFDDsenq/rB0ecpgKGY1S33cuFy9FakHT5EzjwgB7xMiSy9K:vCjnqldKGY1A3cN9lz5EogBliX

    Score
    10/10
    • GuLoader, CloudEyE

      A shellcode-based downloader first seen in 2020.

    • Checks QEMU agent file

      Checks for the presence of the QEMU guest agent file on disk, possibly to detect virtualization (the agent is only installed inside QEMU/KVM guests, so a hit suggests a sandbox or analysis VM).

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger
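
    The two anti-analysis signatures above (the QEMU agent file probe and the ThreadHideFromDebugger call) are the ones a detection engineer would want to reproduce against raw API telemetry. The block below is an added example and is not part of this sandbox report or the sandbox's own signature code: it parses a small, constructed API log in an invented "pid, api(args) = ret" layout, then applies both checks. The QEMU agent paths are an assumed list taken from published GuLoader write-ups rather than from this report, the function names are hypothetical, and the ThreadInformationClass value 0x11 is the documented constant for ThreadHideFromDebugger.

```python
"""Reproduce two sandbox signatures over API-call log lines:
  - "Checks QEMU agent file": a file-existence probe against QEMU guest agent paths
  - "Suspicious use of NtSetInformationThreadHideFromDebugger"
Added example; the log lines and their layout are constructed for illustration."""
import re
from typing import Dict, List

# ThreadInformationClass value for ThreadHideFromDebugger (value 17). Once set,
# the thread stops delivering debug events, so an attached debugger loses it.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Paths reported in public GuLoader analyses as QEMU guest agent probes.
# Assumed list for this example; extend it from your own telemetry.
QEMU_AGENT_PATHS = (
    r"c:\program files\qemu-ga\qemu-ga.exe",
    r"c:\program files\qga\qga.exe",
)

# APIs that amount to "does this file exist?" when the handle is never used.
FILE_PROBE_APIS = {
    "CreateFileA", "CreateFileW", "GetFileAttributesA", "GetFileAttributesW",
    "NtCreateFile", "NtQueryAttributesFile", "PathFileExistsW",
}

# Constructed log lines in a simple "<pid>\t<api>(<args>) = <ret>" shape.
# They are illustrative and are not output from the report above.
SAMPLE_LOG = """\
4120\tCreateFileW(lpFileName="C:\\Program Files\\Qemu-ga\\qemu-ga.exe", dwDesiredAccess=0x80000000) = 0xffffffff
4120\tGetFileAttributesW(lpFileName="C:\\Program Files\\qga\\qga.exe") = 0xffffffff
4120\tNtSetInformationThread(ThreadHandle=0xfffffffe, ThreadInformationClass=0x11, ThreadInformation=0x0, ThreadInformationLength=0x0) = 0x0
4120\tLoadLibraryW(lpLibFileName="C:\\Users\\user\\AppData\\Local\\Temp\\x.dll") = 0x70000000
"""

LINE_RE = re.compile(r"^(\d+)\t(\w+)\((.*)\) = (\S+)$")
# key=value pairs; quoted values may contain spaces, unquoted ones may not.
ARG_RE = re.compile(r'(\w+)=("[^"]*"|[^,\s]+)')


def parse_log(text: str) -> List[Dict]:
    """Turn log lines into {pid, api, args, ret} dicts; unparseable lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        pid, api, argstr, ret = m.groups()
        args = {k: v.strip('"') for k, v in ARG_RE.findall(argstr)}
        events.append({"pid": int(pid), "api": api, "args": args, "ret": ret})
    return events


def qemu_agent_probes(events: List[Dict]) -> List[str]:
    """Return the QEMU agent paths the sample probed, matched case-insensitively."""
    hits = []
    for ev in events:
        if ev["api"] not in FILE_PROBE_APIS:
            continue
        for val in ev["args"].values():
            if val.lower() in QEMU_AGENT_PATHS:
                hits.append(val)
    return hits


def hide_from_debugger_calls(events: List[Dict]) -> List[int]:
    """Return pids that called NtSetInformationThread with ThreadHideFromDebugger."""
    pids = []
    for ev in events:
        if ev["api"] != "NtSetInformationThread":
            continue
        cls = ev["args"].get("ThreadInformationClass", "")
        try:
            value = int(cls, 0)  # accepts "0x11" and "17"
        except ValueError:
            continue
        if value == THREAD_HIDE_FROM_DEBUGGER:
            pids.append(ev["pid"])
    return pids


def evaluate(text: str) -> Dict[str, bool]:
    """Map the two report signatures onto the parsed log."""
    events = parse_log(text)
    return {
        "Checks QEMU agent file": bool(qemu_agent_probes(events)),
        "Suspicious use of NtSetInformationThreadHideFromDebugger":
            bool(hide_from_debugger_calls(events)),
    }


if __name__ == "__main__":
    for name, hit in evaluate(SAMPLE_LOG).items():
        print(f"{'HIT ' if hit else 'miss'} {name}")
```

    The file-probe check keys on the path rather than the API return value: the sample above gets INVALID_HANDLE_VALUE back because the agent is absent, and that failure is exactly the signal the malware is looking for, so a detection that only fires on successful opens would miss it. Matching is case-insensitive because Windows paths are, and the ThreadInformationClass is parsed with base 0 so both hex and decimal renderings of the constant are caught.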

MITRE ATT&CK Enterprise v15

Tasks