General

  • Target

    List Material EPC Project.exe

  • Size

    297KB

  • Sample

    230810-jbyhyaah65

  • MD5

    a7d8d33f99face2d87ed4ac822f5828f

  • SHA1

    40a813d602c798c1688137214200646f796d9a3b

  • SHA256

    02f9880f063d95ab677b80ea81797ff708e4cbc6111d8488fcb8df473e99cf69

  • SHA512

    5b4debfcaa9ea8c128ed45bc35f2129ad6568625677b0d373e6273939a25e41f2b98dcecace94d0d8978deff0e24cdf1dc1102c292a0bbcfebafbc3de1e45457

  • SSDEEP

    6144:oZ/qRr2UPl6xtg81RuDr8NTN5DXIMz0yxhE3AuR9xJ2DxnJ:oBM4xtODr8xDXHYQQEv

Score
10/10

Malware Config

Targets

    • Target

      List Material EPC Project.exe

    Score
    10/10
    • GuLoader, CloudEyE

      A shellcode-based downloader first seen in 2020.

    • Checks QEMU agent file

      Checks for the presence of the QEMU guest agent (qemu-ga) on disk, probably to detect that it is running inside a virtual machine.

    • Loads dropped DLL

      Loads a DLL that the sample itself wrote to disk earlier in the run.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calls NtSetInformationThread with the ThreadHideFromDebugger information class, which stops the thread from delivering debug events to an attached debugger; a common anti-debugging technique.
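
    Added example (not part of the report and not Tria.ge's own signature code): a small Python detector that applies the three behavioural signatures listed above to a sandbox API trace. The trace format (one JSON object per line with "api" and "args" keys), the sample events, the Temp-directory drop path and the match on a "qemu-ga" path component are all assumptions made for this example; the only fixed fact is the Windows constant ThreadInformationClass 0x11 = ThreadHideFromDebugger.

```python
"""Signature logic for the three behaviours flagged in the report above.

Added example for this page; it is not Tria.ge's signature engine. The trace
format (one JSON object per line with "api" and "args" keys) and the sample
events below are constructed for the example.
"""
import json

# ThreadInformationClass 0x11 = ThreadHideFromDebugger (Windows constant).
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Constructed trace of what a GuLoader-like sample might do, in call order.
SAMPLE_TRACE = r"""
{"api": "NtQueryAttributesFile", "args": {"FileName": "\\??\\C:\\Program Files\\qemu-ga\\qemu-ga.exe"}}
{"api": "NtSetInformationThread", "args": {"ThreadHandle": "0xfffffffe", "ThreadInformationClass": "0x11"}}
{"api": "NtCreateFile", "args": {"FileName": "C:\\Users\\user\\AppData\\Local\\Temp\\nsq1234.tmp\\System.dll"}}
{"api": "NtWriteFile", "args": {"FileName": "C:\\Users\\user\\AppData\\Local\\Temp\\nsq1234.tmp\\System.dll", "Length": 12288}}
{"api": "LdrLoadDll", "args": {"FileName": "\\??\\C:\\Users\\user\\AppData\\Local\\Temp\\NSQ1234.TMP\\System.dll"}}
{"api": "LdrLoadDll", "args": {"FileName": "C:\\Windows\\System32\\kernel32.dll"}}
"""

SIG_QEMU = "Checks QEMU agent file"
SIG_HIDE = "Suspicious use of NtSetInformationThreadHideFromDebugger"
SIG_DROP = "Loads dropped DLL"


def parse_trace(text):
    """Parse a JSON-lines API trace into a list of event dicts."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def info_class(value):
    """Accept the information class as an int or a hex/decimal string."""
    return int(value, 0) if isinstance(value, str) else int(value)


def norm_path(path):
    """Drop the \\??\\ object-manager prefix and fold case, so the same file
    written as C:\\x.dll and loaded as \\??\\C:\\X.DLL compares equal."""
    if path.startswith("\\??\\"):
        path = path[4:]
    return path.lower()


def match_signatures(events):
    """Return the sorted list of signature names that fire on the trace."""
    hits = set()
    written = set()  # paths this process has written: candidate "dropped" files
    for ev in events:
        api = ev.get("api", "")
        args = ev.get("args", {})
        path = norm_path(args.get("FileName", ""))

        # Any file-system probe of the QEMU guest agent path. Matching on the
        # "qemu-ga" component is an assumption; real signatures use a path list.
        if api in ("NtQueryAttributesFile", "NtCreateFile", "NtOpenFile") and "qemu-ga" in path:
            hits.add(SIG_QEMU)

        # ThreadHideFromDebugger: the thread stops reporting debug events.
        if api == "NtSetInformationThread" and \
                info_class(args.get("ThreadInformationClass", -1)) == THREAD_HIDE_FROM_DEBUGGER:
            hits.add(SIG_HIDE)

        if api == "NtWriteFile" and path:
            written.add(path)

        # Only a DLL the sample wrote earlier in this trace counts as dropped;
        # a load from System32 of a file never written does not fire.
        if api == "LdrLoadDll" and path in written:
            hits.add(SIG_DROP)
    return sorted(hits)


if __name__ == "__main__":
    for name in match_signatures(parse_trace(SAMPLE_TRACE)):
        print(name)
```

    The dropped-DLL check is the one that needs state: it correlates an NtWriteFile path with a later LdrLoadDll of the same file after normalising the \??\ prefix and case, so kernel32.dll loaded from System32 does not fire while the Temp-directory DLL written two calls earlier does.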

MITRE ATT&CK Enterprise v15

Tasks