32.0.0 Black Diamond
IR
430987
CloudBasic
10:11:10
08/06/2021
vbc.exe.vir
default.jbs
Windows 7 x64 SP1 with Office 2010 SP2 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
WINDOWS
788016c9072423914b96f0d15a61812d
040f85b4ef512bb74990becfa1a5029f92eb65c7
df34f3d4030a5ea484108271f749ca5fbc3af0f415051e98b342a505c88971e4
Win32 Executable (generic) a (10002005/4) 99.15%
true
false
false
false
80
0
100
5
0
5
false
C2 URLs / IPs found in malware configuration
Contains functionality to detect hardware virtualization (CPUID execution measurement)
Found potential dummy code loops (likely to delay analysis)
Tries to detect virtualization through RDTSC time measurements
Found malware configuration
Potential malicious icon found
Yara detected GuLoader