Analysis

  • max time kernel
    15s
  • max time network
    8s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    24-02-2021 15:00

General

  • Target

    caraganas.exe

  • Size

    72KB

  • MD5

    99d875ac3341453383c9105669e14538

  • SHA1

    c459b8df634dc70ea2537d9588eeeb3d2b644d94

  • SHA256

    98bbdc74c1ff5407450d9019407d2012a08075269228497f10b9bf6e6471de42

  • SHA512

    d31f378dfc326ce5b84a73e7831d465860a20bd1ea2c61df1276821ac28275ca66b604e75a1e0634aaee52e652ee9e0a514175109fe91721a0e33ea4f8176b69

Malware Config

Signatures

  • Guloader, Cloudeye

    A shellcode-based downloader first seen in 2020.

  • Guloader Payload (1 IoC)
  • Suspicious use of SetWindowsHookEx (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\caraganas.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\caraganas.exe"
    • Suspicious use of SetWindowsHookEx
    PID: 1888

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1888-4-0x0000000000420000-0x000000000042B000-memory.dmp
    Filesize

    44KB