Overview

overview

10

Static

static

FACTURA Y ...2).exe

windows7_x64

10

FACTURA Y ...2).exe

windows10_x64

10

Analysis

  • max time kernel
    4s
  • max time network
    12s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    11-06-2021 00:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FACTURA Y ALBARANES (2).exe

  • Size

    140KB

  • MD5

    0a2ce5a915bf643953baf2fcf3b25a5e

  • SHA1

    21a26264df4f615da898b38ef9332ff66d24b505

  • SHA256

    5a5428877719d24368bc14761dee49adf676fd883abd3a8c30b84c0b0c7e13f5

  • SHA512

    9f79397ffdef767bd1d7ae12395be4b9172b556e6626b0811a22670acc645d7367f5dadeb5b1b4007e4c0f1829494cea55e2d3a28cddc16aa43f43bbab820574

Score
10/10
guloaderdownloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=10cWvVkUqjSi-M-x6hHokSklVF3h_YX3c

Signatures

  • Guloader,Cloudeye

    A shellcode based downloader first seen in 2020.

    downloaderguloader
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FACTURA Y ALBARANES (2).exe
    "C:\Users\Admin\AppData\Local\Temp\FACTURA Y ALBARANES (2).exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1840

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1840-61-0x0000000000500000-0x0000000000517000-memory.dmp
    Filesize

    92KB

    Download