Analysis

  • max time kernel
    3s
  • max time network
    12s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    27-07-2021 06:13

General

  • Target

    RFQ-PO758596.exe

  • Size

    125KB

  • MD5

    6d3e7f8113e2b5e6e95d2a8904aa0b5d

  • SHA1

    aa7f58b76a10a3e18aa6cd9fe253aa27b6ca3888

  • SHA256

    f573b29cef69436db26fd86234765fd4339ac5cf716c53337c5f1f2816161684

  • SHA512

    dc6df38254031dc242f32a3cdf1e3448e553aeca24ead0c3ffc39885245e44657e7878ebad038790c6e76284f08b78e5d7849ceb70e50f03a2611f491172ecd1
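Before working with a local copy of the sample, confirm it is the same file that was analysed here. The script below is an added example and not part of the report: it streams a file through all four hash algorithms in one pass and compares the results with the digests listed above. MD5 and SHA1 are kept only because the report publishes them; since collisions for both are practical, treat the file as a match only when SHA256 (and SHA512) agree as well.

```python
"""Verify that a local file is the sample described in this report."""
import hashlib
import sys
from pathlib import Path

# Digests copied from the report's General section for RFQ-PO758596.exe.
REPORT_HASHES = {
    "md5": "6d3e7f8113e2b5e6e95d2a8904aa0b5d",
    "sha1": "aa7f58b76a10a3e18aa6cd9fe253aa27b6ca3888",
    "sha256": "f573b29cef69436db26fd86234765fd4339ac5cf716c53337c5f1f2816161684",
    "sha512": (
        "dc6df38254031dc242f32a3cdf1e3448e553aeca24ead0c3ffc39885245e4465"
        "7e7878ebad038790c6e76284f08b78e5d7849ceb70e50f03a2611f491172ecd1"
    ),
}


def _new_hashers() -> dict:
    """One hasher per algorithm the report lists."""
    return {name: hashlib.new(name) for name in REPORT_HASHES}


def digests(data: bytes) -> dict:
    """Return all four hex digests of an in-memory byte string."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def file_digests(path, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashers in a single pass, without
    loading the whole file into memory."""
    hashers = _new_hashers()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(actual: dict, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm match table; hex digits are compared case-insensitively."""
    return {name: actual[name].lower() == expected[name].lower() for name in expected}


def matches_report(actual: dict, expected: dict = REPORT_HASHES) -> bool:
    """True only when every published digest agrees. A single mismatch means
    the local file is not the analysed sample (or the report was transcribed
    incorrectly); do not accept an MD5-only match."""
    return all(compare(actual, expected).values())


if __name__ == "__main__":
    target = Path(sys.argv[1])
    table = compare(file_digests(target))
    for name, ok in table.items():
        print(f"{name:7} {'OK' if ok else 'MISMATCH'}")
    sys.exit(0 if all(table.values()) else 1)
```

Run it as `python verify_sample.py RFQ-PO758596.exe`; a non-zero exit status means at least one digest differs from the report.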

Score
10/10

Malware Config

Signatures

  • Guloader, Cloudeye

    A shellcode-based downloader first seen in 2020; Cloudeye is an alias for the same family. The on-disk executable is only a loader, and the downloader logic runs as shellcode unpacked in memory, so the in-memory dump listed under Downloads is the artifact to examine rather than the 125KB file itself.

  • Suspicious use of SetWindowsHookEx (1 IoC)

    Low confidence on its own: SetWindowsHookEx is also used by legitimate software to install keyboard, mouse and window-message hooks. The family match above is the high-confidence finding in this report; this indicator only corroborates it.

Processes

  • C:\Users\Admin\AppData\Local\Temp\RFQ-PO758596.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\RFQ-PO758596.exe"
    PID: 788 (root of the process tree; no child processes recorded)
    • Suspicious use of SetWindowsHookEx

Network

  • No network events are listed for this run (network capture window: 12s).

MITRE ATT&CK Matrix


Downloads

  • memory/788-62-0x00000000003E0000-0x00000000003F2000-memory.dmp
    Filesize: 72KB (memory region 0x3E0000-0x3F2000 dumped from PID 788)
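The dump's file name encodes which process and address range it was taken from, so parsing it is a quick consistency check against the process table (PID 788) and the stated size: 0x3F2000 minus 0x3E0000 is 0x12000 bytes, which is 73,728 bytes, exactly 72 KiB, so the end address is exclusive. The range also lies below 0x400000, the default image base of a 32-bit PE, which is consistent with a dynamically allocated region holding unpacked code rather than the mapped module; confirm that against the real module base before drawing conclusions. The parser below is an added example and not part of the report; reading the second field (62) as a per-run dump sequence number is an assumption, since the report does not define it.

```python
"""Parse and sanity-check a sandbox memory-dump file name of the form
memory/<pid>-<seq>-0x<start>-0x<end>-memory.dmp."""
import re
from dataclasses import dataclass

PAGE = 0x1000  # x86/x64 page size
DEFAULT_IMAGE_BASE_32 = 0x400000  # default PE image base for a 32-bit EXE

# Treating <seq> as a per-run dump sequence number is an assumption; the
# report does not define that field.
_DUMP_NAME = re.compile(
    r"^(?:memory/)?(?P<pid>\d+)-(?P<seq>\d+)"
    r"-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


@dataclass(frozen=True)
class MemoryDump:
    pid: int
    seq: int
    start: int  # inclusive
    end: int    # exclusive (end - start equals the reported file size)

    @property
    def size(self) -> int:
        return self.end - self.start

    @property
    def pages(self) -> int:
        return self.size // PAGE


def parse_dump_name(name: str) -> MemoryDump:
    """Split the name into its fields; reject names that do not fit the
    layout or describe an empty/inverted range."""
    m = _DUMP_NAME.match(name)
    if m is None:
        raise ValueError(f"not a memory dump name: {name!r}")
    dump = MemoryDump(int(m["pid"]), int(m["seq"]),
                      int(m["start"], 16), int(m["end"], 16))
    if dump.end <= dump.start:
        raise ValueError(f"empty or inverted range in {name!r}")
    return dump


def is_dump_name(name: str) -> bool:
    try:
        parse_dump_name(name)
    except ValueError:
        return False
    return True


def check_against_report(name: str, reported_pid: int, reported_size_kb: int) -> dict:
    """Cross-check the encoded fields against what the report states."""
    d = parse_dump_name(name)
    return {
        "pid_matches_process_table": d.pid == reported_pid,
        "size_matches_filesize": d.size == reported_size_kb * 1024,
        "page_aligned": d.start % PAGE == 0 and d.end % PAGE == 0,
        # A region entirely below the default 32-bit image base is not the
        # main module mapping and deserves a closer look.
        "below_default_image_base": d.end <= DEFAULT_IMAGE_BASE_32,
    }


if __name__ == "__main__":
    # Values taken from this report: PID 788, Filesize 72KB.
    NAME = "memory/788-62-0x00000000003E0000-0x00000000003F2000-memory.dmp"
    d = parse_dump_name(NAME)
    print(f"pid={d.pid} seq={d.seq} range=0x{d.start:X}-0x{d.end:X} "
          f"size={d.size} bytes ({d.pages} pages)")
    for check, ok in check_against_report(NAME, 788, 72).items():
        print(f"{check:28} {ok}")
```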