Analysis
max time kernel: 123s
max time network: 126s
platform: windows10_x64
resource: win10-en-20211208
submitted: 24-01-2022 07:40
Static task: static1
Behavioral task: behavioral1
  Sample: Foulardb.exe
  Resource: win7-en-20211208 (windows7_x64)
  0 signatures, 0 seconds
Behavioral task: behavioral2
  Sample: Foulardb.exe
  Resource: win10-en-20211208 (windows10_x64)
  0 signatures, 0 seconds
General
Target: Foulardb.exe
Size: 152KB
MD5: 9e762a5a129797e9ec23d1e483d67b06
SHA1: 5a27479f27101d563cfde20fd7ba6690fb25040f
SHA256: f8abd77f45b066ef139c336cccff9aed152f36609e22826e7c170d8cba334dfe
SHA512: 6e1866a7353150bc51ab001e7bf7b77084d65ab8864d7a510e68153ff33e53b34ea929e17e7c618e847424f5c9a3f9e563f0db152f52060070b5647baac57a74
Score: 10/10
Malware Config
Signatures
Guloader,Cloudeye: a shellcode-based downloader first seen in 2020.
Suspicious use of SetWindowsHookEx (1 IoC)
  Processes: pid 3048, Foulardb.exe
Downloads
memory/3048-117-0x00000000023C0000-0x00000000023D9000-memory.dmp (100KB)
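Two checks a practitioner would want to run against this report: confirming that a file on hand is the same Foulardb.exe by matching all four listed digests, and decoding the memory-dump artifact name to verify that the dumped region (pid 3048, 0x23C0000 to 0x23D9000) really is the 100KB the Downloads entry claims. The script below is an added example, not part of the sandbox report or of the sandbox's own tooling; the digest values are copied from the General section, the dump-name layout (pid, a sequence field whose meaning the report does not state, start address, end address) is an assumption fitted to the single entry on this page, and the bytes used in the self-test are constructed here and are not the real sample.

```python
"""Triage helpers for the hash IoCs and memory-dump entry in this report.

Added example: not the sandbox's code. IoC values are copied from the
report; SAMPLE below is constructed for the self-test and is NOT the real
Foulardb.exe, so it is expected to match none of the IoCs.
"""
import hashlib
import re

# Digests of Foulardb.exe exactly as the report lists them (lowercase hex).
REPORT_IOCS = {
    "md5": "9e762a5a129797e9ec23d1e483d67b06",
    "sha1": "5a27479f27101d563cfde20fd7ba6690fb25040f",
    "sha256": "f8abd77f45b066ef139c336cccff9aed152f36609e22826e7c170d8cba334dfe",
    "sha512": "6e1866a7353150bc51ab001e7bf7b77084d65ab8864d7a510e68153ff33e53b3"
              "4ea929e17e7c618e847424f5c9a3f9e563f0db152f52060070b5647baac57a74",
}

# Expected hex length per algorithm; a mistyped IoC fails this before any
# file is ever hashed against it.
DIGEST_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def ioc_table_ok(iocs=REPORT_IOCS):
    """True if every IoC is lowercase hex of the right length for its algorithm."""
    return all(
        len(value) == DIGEST_HEX_LEN[name] and re.fullmatch(r"[0-9a-f]+", value)
        for name, value in iocs.items()
    )


def file_digests(data):
    """Compute the four digests the report lists for the given file bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_IOCS}


def match_iocs(data, iocs=REPORT_IOCS):
    """Names of the algorithms whose digest of `data` equals the listed IoC.

    Comparison is case-insensitive so feeds that republish the hashes in
    uppercase still match. A genuine copy of the sample matches all four;
    a partial match means the IoC list itself is inconsistent.
    """
    digests = file_digests(data)
    return [name for name, value in iocs.items()
            if digests[name] == value.strip().lower()]


# Assumed layout of the Downloads artifact name on this page:
#   memory/<pid>-<seq>-0x<start>-0x<end>-memory.dmp
# <seq> is a field the report does not explain; it is kept but not interpreted.
DUMP_NAME_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<seq>\d+)-0x(?P<start>[0-9A-Fa-f]+)"
    r"-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


def parse_dump_name(name):
    """Decode pid and the dumped virtual-address range; size is end - start."""
    m = DUMP_NAME_RE.match(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError("end address must lie above start address")
    return {"pid": int(m["pid"]), "seq": int(m["seq"]),
            "start": start, "end": end, "size": end - start}


def size_matches_report(name, reported):
    """Check the report's rounded 'Filesize' (e.g. '100KB') against the region.

    The report rounds to whole units, so anything within half a unit of the
    decoded region size is accepted as consistent.
    """
    size = parse_dump_name(name)["size"]
    units = {"B": 1, "KB": 1024, "MB": 1024 ** 2}
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(B|KB|MB)", reported.strip().upper())
    if not m:
        raise ValueError(f"unrecognised size: {reported}")
    unit = units[m[2]]
    return abs(size - float(m[1]) * unit) <= unit / 2


# Constructed stand-in bytes for the self-test (not the real sample).
SAMPLE = b"MZ" + bytes(150)
DUMP = "memory/3048-117-0x00000000023C0000-0x00000000023D9000-memory.dmp"

if __name__ == "__main__":
    print("IoC table well-formed:", ioc_table_ok())
    print("constructed bytes match:", match_iocs(SAMPLE))        # expected []
    print("dump region:", parse_dump_name(DUMP))
    print("100KB consistent:", size_matches_report(DUMP, "100KB"))
```

Run it against a real file by replacing SAMPLE with the file's bytes; only a result listing all four algorithms should be treated as a confirmed match, since a partial match points at a transcription error in whichever IoC failed rather than at the file.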