General
Target: glicthed_toilet.vbs
Size: 15KB
Sample: 230809-jh4crshf96
MD5: 049b9014e6f8a2694db9e0a2d22b7599
SHA1: 789da03f8239f32de6c79e548727d1a9026d8b1d
SHA256: 119a8db677b0d17dddfa22a63ee173517caaab0d36605bb0f36b6dfa6c118f0d
SHA512: 378530eee621659047620ced4a76abeb3867b0aa4addfeb6bdb941536bf28f826a2aa4be8e57b0fb2181ca8c80fe2b0d41b0c78caae43f24329f42dd9dc945a8
SSDEEP: 384:eMerf4wOykhi+eRvezHGDx6xpuMcFrh/zzqRBwb:evrwwOyX7z4YFVrzRb
Static task: static1
Behavioral task: behavioral1
Sample: glicthed_toilet.vbs
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: glicthed_toilet.vbs
Resource: win10v2004-20230703-en
Malware Config
Targets
Target: glicthed_toilet.vbs
Score: 10/10
Blocklisted process makes network request
Checks QEMU agent file
Checks presence of QEMU agent, possibly to detect virtualization.
Suspicious use of NtSetInformationThreadHideFromDebugger