34.0.0 Boulder Opal
IR
559536
CloudBasic
13:18:52
25/01/2022
SdEkI4IDqd.exe
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
MD5: 003a7c37f9c06d75aaaa6f9b25dc3c41
SHA1: a847ef8c72d26731963b189caff925a8a757d563
SHA256: 4f29b22b6b787babc2f984172f8ae0e3999b7621aeb6775ce023f2ef5db0b2e7
Win32 Executable (generic) a (10002005/4) 99.96%
true
false
false
false
72
0
100
5
0
5
false
File: C:\Users\user\AppData\Local\Temp\OVERROMANTICIZED.dat
false
MD5: 448942A62FED29DEF36D74EECFE7D736
SHA1: 4312E7D4BE729BF6200A1F87C1C84391CF0706F3
SHA256: 87ADB3A77D22DD8C88F4900513775B411512F1964EBAC4DD4354554B4C36A68E

File: C:\Users\user\AppData\Local\Temp\gamer.txt
false
MD5: 695A2030432B3D981B012A42EDCA055A
SHA1: 31283CF8F970E22E7C9B6FCB811B9C1608997211
SHA256: F0568B8400FE6F4621B3E62C56B3C3AB9712DD6D30966A348EB3497ACF6B226A

File: C:\Users\user\AppData\Local\Temp\nsv7EA4.tmp\System.dll
false
MD5: CFF85C549D536F651D4FB8387F1976F2
SHA1: D41CE3A5FF609DF9CF5C7E207D3B59BF8A48530E
SHA256: 8DC562CDA7217A3A52DB898243DE3E2ED68B80E62DDCB8619545ED0B4E7F65A8
Found malware configuration
Multi AV Scanner detection for submitted file
Tries to detect virtualization through RDTSC time measurements
C2 URLs / IPs found in malware configuration
Yara detected GuLoader