34.0.0 Boulder Opal
IR
528676
CloudBasic
16:30:07
25/11/2021
RFQ_TZDQP2110257921.exe
default.jbs
Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, IE 11, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
WINDOWS
de5e1ca79f9bc16726e87f9e04529a33
c688c1b2ea205aa37f7fe4a511d18f1bdead62a1
9f1956145a9bdc606ad1463721f38ea1c31c6aeabfb028a0b134c0f3e881db47
Win32 Executable (generic) a (10002005/4) 99.15%
true
false
false
false
80
0
100
5
0
5
false
C:\Users\user\AppData\Local\Temp\~DF5138B99E2C3F8BE8.TMP
false
19809EDD1FF00A1D7C105BC58A97CD02
26FB6D339CF2A7474DE6F785166163FA9B2ADBB1
4745D04A4BB99D70866D722394D9E71F3FAE597AA84E229A1E3B40F31521594C
142.250.185.142
drive.google.com
false
142.250.185.142
Hides threads from debuggers
Found malware configuration
Tries to detect Any.run
Multi AV Scanner detection for submitted file
C2 URLs / IPs found in malware configuration
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Yara detected GuLoader