General
Target: JaffaCakes118_2153b8af04a231529dc2c1ec72a8535c9994b16db53fcdd8b58944b066dcc741
Size: 71KB
Sample: 241223-ssddrstjdt
MD5: 4d3461bb5ec13ac7432dd5419c903925
SHA1: 535a4b96a1267872df0bdeaa3169b3d09fce8ed2
SHA256: 2153b8af04a231529dc2c1ec72a8535c9994b16db53fcdd8b58944b066dcc741
SHA512: 344be55a8b132e9c0796ce01570c2d76921ca4e08e0a665a1057fbc9b0c348cd19eded86fc0532a3367e6375e911db55a9efaf64eb977cede884ed976526f90b
SSDEEP: 1536:kJa807nQ1X0jm9Xti+ZUXu8zVTEaWklMyvem2DvcCxYz9EilL6:kJZE1MRZc5tE0lMy4DvBx09Ed
Static task: static1
Behavioral task: behavioral1
  Sample: bc17992fdb1d5f78b149ade199607473293b684eb42827a33c992f2a86a39708.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: bc17992fdb1d5f78b149ade199607473293b684eb42827a33c992f2a86a39708.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: bc17992fdb1d5f78b149ade199607473293b684eb42827a33c992f2a86a39708
Size: 269KB
MD5: 0687d2967a7544a70b1af7b740af40e6
SHA1: 76a18314d3e7005aca19ef36174b93264d35e421
SHA256: bc17992fdb1d5f78b149ade199607473293b684eb42827a33c992f2a86a39708
SHA512: 432119a174bb8aac27b4edfb99f7dd98fafea7e1e72ab1d1136c0f6202452d9efed20be5777300ecd194314a889ea3195a338c46544ad3e39f61b0ad4dd5876f
SSDEEP: 6144:oAVTvYW68CrncZaofffffffffffffffffffffffffffffffffffffffffffff2fR:oANE8CrcZU
Score: 10/10
- Guloader family
- Checks QEMU agent file
  Checks presence of QEMU agent, possibly to detect virtualization.
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext