33.0.0 White Diamond
IR
450724
CloudBasic
16:34:49
19/07/2021
RICHIESTA DI OFFERTA.exe
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
73bb5c4b690b8d6df88d6bc18fb3a553
60adddd91b6038fc9d819cf6d647ce3be0b11d38
a3feb5265e6d02710f04ff618e966e9da9ba8fc8dc5692d6f7633fe0a3037b66
Win32 Executable (generic) a (10002005/4) 99.15%
true
false
false
false
84
0
100
5
0
5
false
C2 URLs / IPs found in malware configuration
Contains functionality to detect hardware virtualization (CPUID execution measurement)
Detected RDTSC dummy instruction sequence (likely for instruction hammering)
Found potential dummy code loops (likely to delay analysis)
Tries to detect virtualization through RDTSC time measurements
Found malware configuration
Multi AV Scanner detection for submitted file
Yara detected GuLoader