Analysis

  • max time kernel
    123s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    18-10-2021 20:14

General

  • Target

    Schenker Italiana S.p.A. CW305.exe

  • Size

    136KB

  • MD5

    f9387f159f97d49649d1e6b34802dd3f

  • SHA1

    b0f8090cb04a59d08e355553162a7fad645a3a4e

  • SHA256

    0af20465dac642791831be79702b7c4cbf204f170b8441ab001a7519eb6dc45c

  • SHA512

    e6a507398a4ed6279212c670ede75c25f47e82a04ef86f9f2ce7fb9fd64879a1c9bac17eaa2a0fe04bd5778d6da1167458f6716a984273820111daa70589f92c

Score
10/10

Malware Config

Signatures

  • Guloader,Cloudeye

    A shellcode based downloader first seen in 2020.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Schenker Italiana S.p.A. CW305.exe
    "C:\Users\Admin\AppData\Local\Temp\Schenker Italiana S.p.A. CW305.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1216

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1216-55-0x0000000000220000-0x0000000000226000-memory.dmp

    Filesize

    24KB

  • memory/1216-56-0x0000000000220000-0x000000000022A000-memory.dmp

    Filesize

    40KB

  • memory/1216-57-0x00000000003C0000-0x00000000003D4000-memory.dmp

    Filesize

    80KB