Analysis
max time kernel: 117s
max time network: 126s
platform: windows7_x64
resource: win7-en-20211208
submitted: 30-01-2022 15:22
Static task: static1
Behavioral task: behavioral1
  Sample: 9b27978aaada5cf5c16d7f1331f0341aae2bbb5de7ed8db1c2038ed837de57f7.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 9b27978aaada5cf5c16d7f1331f0341aae2bbb5de7ed8db1c2038ed837de57f7.exe
  Resource: win10-en-20211208
General
Target: 9b27978aaada5cf5c16d7f1331f0341aae2bbb5de7ed8db1c2038ed837de57f7.exe
Size: 40KB
MD5: f8a95daa42ef9246729a0c779aef85bf
SHA1: 4b7f946f08252c666ef9872328ca3126199aaec9
SHA256: 9b27978aaada5cf5c16d7f1331f0341aae2bbb5de7ed8db1c2038ed837de57f7
SHA512: fce517410ee4d8ee7d96f2ab999414972f6b59bf0cd1135cec3dd485ac091ad67f21ca3527e7882124be85fc11c8e9b902df2526ced270dda16e3aa5660770cd
Malware Config
Extracted: guloader
https://drive.google.com/uc?export=download&id=1mVJV7BrsU6WZXyhq-IOOLwoe8zGnSg2i
Signatures
Guloader, Cloudeye: a shellcode-based downloader first seen in 2020.
Suspicious use of SetWindowsHookEx (1 IoC)
Processes (9b27978aaada5cf5c16d7f1331f0341aae2bbb5de7ed8db1c2038ed837de57f7.exe):
  pid   process
  1520  9b27978aaada5cf5c16d7f1331f0341aae2bbb5de7ed8db1c2038ed837de57f7.exe