General
-
Target
c9c0180eba2a712f1aba1303b90cbf12c1117451ce13b68715931abc437b10cd
-
Size
52KB
-
Sample
220124-dyc8mabbfq
-
MD5
a3042b64c0c3086b890cc3f6cfb334dd
-
SHA1
c87ed1aecb4936031222882b873af31341b6dd69
-
SHA256
c9c0180eba2a712f1aba1303b90cbf12c1117451ce13b68715931abc437b10cd
-
SHA512
a05786ef94fbc2f5c1ee40c6c4c63f316eabd6f0cf3ffef7bd84ca523324d60ea714345b89890db3cf1e90c52af4b0f03edb636b2f25e041772b6ae07808439c
Static task
static1
Behavioral task
behavioral1
Sample
c9c0180eba2a712f1aba1303b90cbf12c1117451ce13b68715931abc437b10cd.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
c9c0180eba2a712f1aba1303b90cbf12c1117451ce13b68715931abc437b10cd.exe
Resource
win10-en-20211208
Malware Config
Extracted
guloader
https://share.dmca.gripe/jUuWPW6ONwL1Wkux.bin
Targets
-
-
Target
c9c0180eba2a712f1aba1303b90cbf12c1117451ce13b68715931abc437b10cd
-
Size
52KB
-
MD5
a3042b64c0c3086b890cc3f6cfb334dd
-
SHA1
c87ed1aecb4936031222882b873af31341b6dd69
-
SHA256
c9c0180eba2a712f1aba1303b90cbf12c1117451ce13b68715931abc437b10cd
-
SHA512
a05786ef94fbc2f5c1ee40c6c4c63f316eabd6f0cf3ffef7bd84ca523324d60ea714345b89890db3cf1e90c52af4b0f03edb636b2f25e041772b6ae07808439c
Score10/10-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-