General
-
Target
prueba de pago-pdf.rar
-
Size
456KB
-
Sample
230808-q65dasch57
-
MD5
8be7d694d376bbb14dcdfe4883224acb
-
SHA1
257366e663ce589e4bc87379928c07ca82d5e771
-
SHA256
fd7ab6b64dfe5d083da6f23cc6d2dee18bf7eb79ffb4ea9b053542391b591d03
-
SHA512
8df5e3fc441f72d99e8ad1bc572613797170d3b488f660fc2bbd6f2522c24cdb6cec68ef0d1a5d09b6229cee27fabcc1ee29433a6874b06e41a3963829022812
-
SSDEEP
12288:bt0HofYP0TDT43GyKiBIF06dQTUMmE//ll:Z0IfYP03sWriICsQTUJ0/ll
Static task
static1
Behavioral task
behavioral1
Sample
prueba de pago.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
prueba de pago.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
prueba de pago.exe
-
Size
560KB
-
MD5
f635f99f740b1bd4f2e5c5d968bf3c4a
-
SHA1
e9d73ba51502695bba19093b63370a431442d225
-
SHA256
11a13f0291f2145e792f3f7d18a1c3747767e93b71292a9fdefed34d52dff3b8
-
SHA512
1de9d951ab3f18dc476275820cbc0a1332cb3376dc3ce2562beb506f79534f971adc7ca20bdedac8ef752d798c2dab2b4a9432ba92d2622891990b0f99316c97
-
SSDEEP
12288:xtHb13bWictv8DDM+1FwFj5u6R257MXXkuOaziOUeq:vbNrcx8DDY5u5VNazDg
Score10/10-
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-