General

  • Target

    inquiry 0093848831 xlsx.exe

  • Size

    466KB

  • Sample

    230809-lgkv5sbh61

  • MD5

    1dca92f621f119d5ff8f3c3f54ca77cc

  • SHA1

    ae78cf63bece66ba97fedbfa9f3a0f935739d54e

  • SHA256

    6b91613f78377d180e0385169b9582636dabd880e7e956b2d42495d1b627e7ea

  • SHA512

    8a50d217933e4e2e5df939ef1bebe25dadeac761bc87c8252aba473ae76b0a918f7599a0c44286170ca49988d91630b4b6f1b0d17305301422c71c05cd2d1251

  • SSDEEP

    6144:flgvTRHybTTgNYUqEyobcc1SbRATT7imFqJXWAxi5n1YLLUUyfipeDOhbn43JkSP:92wgNYGbc9RA+mFqJQ0IfeeD7CSi3a

Score
10/10

Malware Config

Targets

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks