Analysis
Max time kernel: 4s
Max time network: 12s
Platform: windows7_x64
Resource: win7v20210408
Submitted: 11-06-2021 00:32
Static task: static1
Behavioral task: behavioral1
Sample: FACTURA Y ALBARANES (2).exe
Resource: win7v20210408
0 signatures, 0 seconds
Behavioral task: behavioral2
Sample: FACTURA Y ALBARANES (2).exe
Resource: win10v20210410
0 signatures, 0 seconds
General
Target: FACTURA Y ALBARANES (2).exe
Size: 140KB
MD5: 0a2ce5a915bf643953baf2fcf3b25a5e
SHA1: 21a26264df4f615da898b38ef9332ff66d24b505
SHA256: 5a5428877719d24368bc14761dee49adf676fd883abd3a8c30b84c0b0c7e13f5
SHA512: 9f79397ffdef767bd1d7ae12395be4b9172b556e6626b0811a22670acc645d7367f5dadeb5b1b4007e4c0f1829494cea55e2d3a28cddc16aa43f43bbab820574
Score: 10/10
Malware Config (Extracted)
Family: guloader
C2: https://drive.google.com/uc?export=download&id=10cWvVkUqjSi-M-x6hHokSklVF3h_YX3c
Signatures
Guloader, Cloudeye: a shellcode-based downloader first seen in 2020.
Suspicious use of SetWindowsHookEx (1 IoC)
Processes:
Process: FACTURA Y ALBARANES (2).exe, PID: 1840
Downloads
memory/1840-61-0x0000000000500000-0x0000000000517000-memory.dmp (Filesize: 92KB)