Analysis
- max time kernel: 77s
- max time network: 112s
- platform: windows10_x64
- resource: win10v20210410
- submitted: 21-04-2021 09:29
Static task: static1
Behavioral task: behavioral1
- Sample: VIALES Y OBRAS PÚBLICAS, SA,OFFER 16521.exe
- Resource: win7v20210408, windows7_x64
- 0 signatures
- 0 seconds
Behavioral task: behavioral2
- Sample: VIALES Y OBRAS PÚBLICAS, SA,OFFER 16521.exe
- Resource: win10v20210410, windows10_x64
- 0 signatures
- 0 seconds
General
- Target: VIALES Y OBRAS PÚBLICAS, SA,OFFER 16521.exe
- Size: 184KB
- MD5: c9cf58373c890b36e74ac421cd548bd0
- SHA1: 66a1507aedc3c3d00165905c6a1ad6ed419a6dbd
- SHA256: 059f1705efbfd4bcc855b0ff6781e4bc9186e5d1e67229032229f1c36950bd44
- SHA512: f8b7072d0475465afc75d1ad4ac3263c5c509d03a05e5ec13bde5946ec9f1939531db57fb7a3ef620b319cd6283589a191585a60f2c73b4cba17bec1c87d4cb7
Score: 10/10
Malware Config
Signatures
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
- Guloader Payload (1 IoCs)
  Processes:
  resource: behavioral2/memory/2204-116-0x00000000001C0000-0x00000000001CC000-memory.dmp
  yara_rule: family_guloader
- Suspicious use of SetWindowsHookEx (1 IoCs)
  Processes:
  VIALES Y OBRAS PÚBLICAS, SA,OFFER 16521.exe
  pid: 2204
  process: VIALES Y OBRAS PÚBLICAS, SA,OFFER 16521.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
- memory/2204-116-0x00000000001C0000-0x00000000001CC000-memory.dmp
  Filesize: 48KB