Overview
overview
10Static
static
8IoC/004144..._4.xls
windows7_x64
1IoC/004144..._4.xls
windows10_x64
1IoC/004146..._4.xls
windows7_x64
1IoC/004146..._4.xls
windows10_x64
1IoC/004149..._4.xls
windows7_x64
1IoC/004149..._4.xls
windows10_x64
1IoC/004151..._4.xls
windows7_x64
1IoC/004151..._4.xls
windows10_x64
1IoC/004172..._4.xls
windows7_x64
1IoC/004172..._4.xls
windows10_x64
1Scan0035.exe
windows7_x64
10Scan0035.exe
windows10_x64
10Schenker I...05.exe
windows7_x64
10Schenker I...05.exe
windows10_x64
10Analysis
-
max time kernel
123s -
max time network
120s -
platform
windows7_x64 -
resource
win7-en-20211014 -
submitted
18-10-2021 20:14
Static task
static1
Behavioral task
behavioral1
Sample
IoC/004144376948_4.xls
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
IoC/004144376948_4.xls
Resource
win10-en-20210920
Behavioral task
behavioral3
Sample
IoC/004146831131_4.xls
Resource
win7-en-20210920
Behavioral task
behavioral4
Sample
IoC/004146831131_4.xls
Resource
win10-en-20211014
Behavioral task
behavioral5
Sample
IoC/004149453535_4.xls
Resource
win7-en-20210920
Behavioral task
behavioral6
Sample
IoC/004149453535_4.xls
Resource
win10-en-20211014
Behavioral task
behavioral7
Sample
IoC/004151080639_4.xls
Resource
win7-en-20210920
Behavioral task
behavioral8
Sample
IoC/004151080639_4.xls
Resource
win10-en-20211014
Behavioral task
behavioral9
Sample
IoC/004172770391_4.xls
Resource
win7-en-20210920
Behavioral task
behavioral10
Sample
IoC/004172770391_4.xls
Resource
win10-en-20210920
Behavioral task
behavioral11
Sample
Scan0035.exe
Resource
win7-en-20211014
Behavioral task
behavioral12
Sample
Scan0035.exe
Resource
win10-en-20210920
Behavioral task
behavioral13
Sample
Schenker Italiana S.p.A. CW305.exe
Resource
win7-en-20211014
Behavioral task
behavioral14
Sample
Schenker Italiana S.p.A. CW305.exe
Resource
win10-en-20210920
General
-
Target
Schenker Italiana S.p.A. CW305.exe
-
Size
136KB
-
MD5
f9387f159f97d49649d1e6b34802dd3f
-
SHA1
b0f8090cb04a59d08e355553162a7fad645a3a4e
-
SHA256
0af20465dac642791831be79702b7c4cbf204f170b8441ab001a7519eb6dc45c
-
SHA512
e6a507398a4ed6279212c670ede75c25f47e82a04ef86f9f2ce7fb9fd64879a1c9bac17eaa2a0fe04bd5778d6da1167458f6716a984273820111daa70589f92c
Malware Config
Signatures
-
Guloader,Cloudeye
A shellcode based downloader first seen in 2020.
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
Schenker Italiana S.p.A. CW305.exepid process 1216 Schenker Italiana S.p.A. CW305.exe