Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    24-01-2022 07:40

General

  • Target

    Foulardb.exe

  • Size

    152KB

  • MD5

    9e762a5a129797e9ec23d1e483d67b06

  • SHA1

    5a27479f27101d563cfde20fd7ba6690fb25040f

  • SHA256

    f8abd77f45b066ef139c336cccff9aed152f36609e22826e7c170d8cba334dfe

  • SHA512

    6e1866a7353150bc51ab001e7bf7b77084d65ab8864d7a510e68153ff33e53b34ea929e17e7c618e847424f5c9a3f9e563f0db152f52060070b5647baac57a74

Score
10/10

Malware Config

Signatures

  • Guloader, Cloudeye

    A shellcode based downloader first seen in 2020.

  • Suspicious use of SetWindowsHookEx (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\Foulardb.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\Foulardb.exe"
    • Suspicious use of SetWindowsHookEx
    PID: 1664

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1664-55-0x00000000754B1000-0x00000000754B3000-memory.dmp
    Filesize

    8KB

  • memory/1664-56-0x00000000003C0000-0x00000000003D9000-memory.dmp
    Filesize

    100KB