Analysis

  • max time kernel
    139s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-en
  • submitted
    15-09-2021 06:05

General

  • Target

    usd15.030 payment copy & signed invoice SEPTEMBER 2021 shipment.exe

  • Size

    128KB

  • MD5

    257e1f881863b023fcddaedb2ac22e68

  • SHA1

    9cff8e3a2a2cb5ad3acba8d4260b2581e0098ac9

  • SHA256

    856d455d07bff404e39b422f1ad0bbff9397707c86670dbc1134729b44a8c868

  • SHA512

    a3bdd1a69f697a1fe2f806f2e4cdb821bbbb837fe251151473c2af56b3785ecd4ad0902f099d83063da3f122fdd25cf781299e96c9ea035b6c90e72695166dda

Score
10/10

Malware Config

Signatures

  • Guloader, Cloudeye

    A shellcode-based downloader first seen in 2020.

  • Suspicious use of SetWindowsHookEx (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\usd15.030 payment copy & signed invoice SEPTEMBER 2021 shipment.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\usd15.030 payment copy & signed invoice SEPTEMBER 2021 shipment.exe"
    PID: 1960
    • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1960-55-0x00000000003B0000-0x00000000003C1000-memory.dmp
    Filesize: 68KB