Analysis
  max time kernel:  30s
  max time network: 113s
  platform:         windows10_x64
  resource:         win10v20210410
  submitted:        27-07-2021 07:24

Tasks
  Static task     static1
  Behavioral task behavioral1  sample: b71e99f16b0c55a697bba6f37a61e6f8c5c4cf47d3687abdf5d4e4c3d0281b84.exe  resource: win7v20210408
  Behavioral task behavioral2  sample: b71e99f16b0c55a697bba6f37a61e6f8c5c4cf47d3687abdf5d4e4c3d0281b84.exe  resource: win10v20210410
General
  Target: b71e99f16b0c55a697bba6f37a61e6f8c5c4cf47d3687abdf5d4e4c3d0281b84.exe
  Size:   108KB
  MD5:    14dfffbcec6e3967787a556ab0616746
  SHA1:   983023f69d647628fa9949a07a5ad2a475f8df45
  SHA256: b71e99f16b0c55a697bba6f37a61e6f8c5c4cf47d3687abdf5d4e4c3d0281b84
  SHA512: 9d2cf8cc3efb3d9221b05133e4e4d7bf8cdb93c99879b15a215f555553dbc0db932ab9119af0d3fd245dd7619826dfb51ce91ea4fb37a0bbe7dbd7a7aef73e58
Malware Config
  Extracted (guloader): https://onedrive.live.com/download?cid=5A3ABE07CAFFD4AC&resid=5A3ABE07CAFFD4AC%21114&authkey=ACQJWu1mCGGeplA
Signatures
  Guloader, Cloudeye
    A shellcode-based downloader first seen in 2020.
  Suspicious use of SetWindowsHookEx (1 IoC)
    Processes:
      pid   process
      2576  b71e99f16b0c55a697bba6f37a61e6f8c5c4cf47d3687abdf5d4e4c3d0281b84.exe