Analysis
max time kernel: 139s
max time network: 142s
platform: windows7_x64
resource: win7-en
submitted: 15-09-2021 06:05

Static task: static1

Behavioral task: behavioral1
Sample: usd15.030 payment copy & signed invoice SEPTEMBER 2021 shipment.exe
Resource: win7-en (windows7_x64)
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: usd15.030 payment copy & signed invoice SEPTEMBER 2021 shipment.exe
Resource: win10-en (windows10_x64)
0 signatures, 0 seconds
General
Target: usd15.030 payment copy & signed invoice SEPTEMBER 2021 shipment.exe
Size: 128KB
MD5: 257e1f881863b023fcddaedb2ac22e68
SHA1: 9cff8e3a2a2cb5ad3acba8d4260b2581e0098ac9
SHA256: 856d455d07bff404e39b422f1ad0bbff9397707c86670dbc1134729b44a8c868
SHA512: a3bdd1a69f697a1fe2f806f2e4cdb821bbbb837fe251151473c2af56b3785ecd4ad0902f099d83063da3f122fdd25cf781299e96c9ea035b6c90e72695166dda
Score: 10/10
Malware Config
Signatures
Guloader, Cloudeye
A shellcode-based downloader first seen in 2020.

Suspicious use of SetWindowsHookEx (1 IoC)
Processes:
pid   process
1960  usd15.030 payment copy & signed invoice SEPTEMBER 2021 shipment.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1960-55-0x00000000003B0000-0x00000000003C1000-memory.dmp (filesize 68KB)
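Two things a practitioner will want to cross-check from this report before relying on it: that a file in hand really is the sample whose digests are listed in the General section, and that the dumped memory region in Downloads is internally consistent (the pid in the filename should be the one from the process list, and the address range should account for the stated 68KB). The script below is an added example, not part of the sandbox's own output or tooling. The digests and the dump filename are copied from the report; the filename layout `memory/<pid>-<n>-<start>-<end>-memory.dmp` is an assumption read off the single filename shown, and the report does not say what the middle field (55) means, so it is kept as an opaque string.

```python
"""Offline cross-checks for a sandbox report (added example, not the sandbox's code):
 1. verify a candidate file's MD5/SHA1/SHA256/SHA512 against the digests the report lists
 2. decode pid and address range from a dumped-memory filename and check them against
    the reported size and process list
"""
import hashlib
import re

# Digests exactly as listed in the report's "General" section.
REPORT_DIGESTS = {
    "md5": "257e1f881863b023fcddaedb2ac22e68",
    "sha1": "9cff8e3a2a2cb5ad3acba8d4260b2581e0098ac9",
    "sha256": "856d455d07bff404e39b422f1ad0bbff9397707c86670dbc1134729b44a8c868",
    "sha512": "a3bdd1a69f697a1fe2f806f2e4cdb821bbbb837fe251151473c2af56b3785ecd"
              "4ad0902f099d83063da3f122fdd25cf781299e96c9ea035b6c90e72695166dda",
}

# Dump entry from the report's "Downloads" section and the pid from its process list.
REPORT_DUMP_NAME = "memory/1960-55-0x00000000003B0000-0x00000000003C1000-memory.dmp"
REPORT_DUMP_SIZE_KIB = 68
REPORT_PID = 1960


def digests_of(data: bytes) -> dict:
    """Compute the four digests the report lists, as lower-case hex."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def verify_digests(data: bytes, expected: dict = REPORT_DIGESTS) -> dict:
    """Return {algorithm: matched?} for data against the report's digests.
    Comparison is case-insensitive and ignores surrounding whitespace, the usual
    damage done when hashes are copied out of a web report."""
    computed = digests_of(data)
    return {alg: computed[alg] == exp.strip().lower() for alg, exp in expected.items()}


# ASSUMED layout: memory/<pid>-<n>-<start>-<end>-memory.dmp, inferred from the one
# filename in the report. The meaning of <n> is not stated there, so it is kept opaque.
_DUMP_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<mid>\d+)-(?P<start>0x[0-9A-Fa-f]+)"
    r"-(?P<end>0x[0-9A-Fa-f]+)-memory\.dmp$"
)


def parse_dump_name(name: str) -> dict:
    """Decode pid and the [start, end) address range; reject names that do not fit."""
    m = _DUMP_RE.match(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name!r}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError(f"end {end:#x} is not above start {start:#x}")
    return {"pid": int(m["pid"]), "mid": m["mid"],
            "start": start, "end": end, "size": end - start}


def dump_size_matches(name: str, reported_kib: int) -> bool:
    """True when the address range in the filename is exactly the reported size in KiB."""
    return parse_dump_name(name)["size"] == reported_kib * 1024


def dump_pid_matches(name: str, pid: int) -> bool:
    """True when the filename's pid is the one the report's process list shows."""
    return parse_dump_name(name)["pid"] == pid


if __name__ == "__main__":
    import sys
    region = parse_dump_name(REPORT_DUMP_NAME)
    print(f"pid {region['pid']}: {region['start']:#x}-{region['end']:#x}, "
          f"{region['size']} bytes ({region['size'] // 1024} KiB); "
          f"size ok: {dump_size_matches(REPORT_DUMP_NAME, REPORT_DUMP_SIZE_KIB)}, "
          f"pid ok: {dump_pid_matches(REPORT_DUMP_NAME, REPORT_PID)}")
    if len(sys.argv) > 1:  # optional: path to a candidate copy of the sample
        with open(sys.argv[1], "rb") as fh:
            print(verify_digests(fh.read()))
```

Run with no arguments to check the dump entry alone; pass a file path to compare its digests against the report. For this report the range 0x3B0000-0x3C1000 is 0x11000 bytes, exactly 68 KiB, and the pid matches the single process listed under the SetWindowsHookEx signature, so the artifact names line up with the rest of the page.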