FACTURA.exe

General
Target

FACTURA.exe

Filesize

88KB

Completed

28-09-2021 06:32

Score

10/10

MD5

dbe61cfd43c95752f6dfbde236558782

SHA1

71b7f9ea7778a67ffc75fa0f7d8a74dc243aae22

SHA256

7194eca2c497f9ea9c3bb989fb7f328d9740b6d396af39ec66ec730c0db61044

Malware Config
Signatures 2


  • Guloader,Cloudeye

    Description

    A shellcode based downloader first seen in 2020.

  • Suspicious use of SetWindowsHookEx
    FACTURA.exe

    Reported IOCs

    pid   process
    1796  FACTURA.exe
Processes 1
  • C:\Users\Admin\AppData\Local\Temp\FACTURA.exe
    "C:\Users\Admin\AppData\Local\Temp\FACTURA.exe"
    Suspicious use of SetWindowsHookEx
    PID:1796
Network
MITRE ATT&CK Matrix
  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation
Downloads
  • memory/1796-62-0x0000000076A01000-0x0000000076A03000-memory.dmp

  • memory/1796-63-0x0000000000240000-0x0000000000251000-memory.dmp