31.0.0 Emerald
IR
356160
CloudBasic
17:24:00
22/02/2021
cigar.exe
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
57261d6b5337c8d9f838617f2efd6c19
9f2855adb0a71a6079bcbe73438e1212b51f0bed
ee41c208f648cc461bf54a5d9e40040a25e51ebde8e9721937ca152d964bb10f
Win32 Executable (generic) a (10002005/4) 99.15%
true
false
false
false
84
0
100
5
0
5
false
Contains functionality to detect hardware virtualization (CPUID execution measurement)
Detected RDTSC dummy instruction sequence (likely for instruction hammering)
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to detect virtualization through RDTSC time measurements
Yara detected VB6 Downloader Generic
Multi AV Scanner detection for submitted file
Potential malicious icon found
Yara detected GuLoader