General
Target: ba33c33e01b5f72eb0e0651f58de0641447b40301d8793965e70e67bf83447e8
Size: 15KB
Sample: 220121-28ndcacggr
MD5: 0ade6f594028701c8b403eab41ed3584
SHA1: 26a4dab79f46dbb55385d8fd5e6dcbbe51491561
SHA256: ba33c33e01b5f72eb0e0651f58de0641447b40301d8793965e70e67bf83447e8
SHA512: 5b7704da3e39e775dd6a4ab0cc0d699ea253069cb0fd3570b2edc49eb0d1a9c220995fab5457e0a52e55e9d17a6e6a67b4131213d58c0b5f4cffdc7bd1d6d642
Static task
static1

Behavioral task
behavioral1
Sample: B2020006307357.PDF...exe
Resource: win7-en-20211208

Behavioral task
behavioral2
Sample: B2020006307357.PDF...exe
Resource: win10-en-20211208
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1nxID3cbZ3N3YCfZ5Mt-WYptrBK_9HFWH
Targets
Target: B2020006307357.PDF...exe
Size: 52KB
MD5: 42e026716bcf95406beca59b834a1432
SHA1: 9474067350e0211faff4eb0c14dc2982897ee6f9
SHA256: 1dd138afd050e4d29b20494c3bd607685295f2cd8217c1e6ddd9b47e54961f38
SHA512: 01873ec441a283c55948052c4a835c7fd5246f695ed955239168dc583299c1bf58536f80d77e0a4c76e19ca04e51ef9ce927c806489bf1b122d0b6ad44d1df9b
Score: 10/10
- Guloader Payload
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext