General

  • Target

    9fa60053165fb875d9c7a4b23c33bf13eeb3bfc414a284921bf07df60a4181c9exe_JC.exe

  • Size

    244KB

  • Sample

    230808-wp2tqseh22

  • MD5

    6d4ffbfd1845ed88dbefa7adbb9c9abd

  • SHA1

    95c1b62f6fb4cb6b1125629ce92a04f74761fe2a

  • SHA256

    9fa60053165fb875d9c7a4b23c33bf13eeb3bfc414a284921bf07df60a4181c9

  • SHA512

    81b166f0e2c13bf5b367b872fe3e2d82761be618e582119d970ebda09a4c049234f95b5d4d119c90625bcf579d3dc44c3f82b67a31e5999272b6c6d684e3ce2d

  • SSDEEP

    6144:wQLFhcP714PtsJe82/bOKcsGBBT6L96xcPiNmF7jaMLDTFwV:VFaPpFJe8XtBuKcPiU7jE

Score
10/10

Malware Config

Targets

    • Target

      9fa60053165fb875d9c7a4b23c33bf13eeb3bfc414a284921bf07df60a4181c9exe_JC.exe

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks