General
-
Target
e8f8cc178425c55c03c76d0a2a11918371bba8f2d6f400752ca1cea5e663da2e
-
Size
136KB
-
Sample
220131-167hrsdcc4
-
MD5
913fc7a8a80e209997ad142ffce2d619
-
SHA1
707bad900cc22eaf7ad3d4425ec657f5da05f405
-
SHA256
e8f8cc178425c55c03c76d0a2a11918371bba8f2d6f400752ca1cea5e663da2e
-
SHA512
96b03b2805c7493931ffc551a04e9a3ddbd413d171cd8b1f6e9ae3d2697e034d4835ceef23d84cd9520f4c3f4bd48178c1a1beb299394d86b52f2c072034df04
Static task
static1
Behavioral task
behavioral1
Sample
e8f8cc178425c55c03c76d0a2a11918371bba8f2d6f400752ca1cea5e663da2e.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
e8f8cc178425c55c03c76d0a2a11918371bba8f2d6f400752ca1cea5e663da2e.exe
Resource
win10v2004-en-20220112
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1dtlMCyozUPBepc-AtEdirGENZBpWesAi
Targets
-
Target
e8f8cc178425c55c03c76d0a2a11918371bba8f2d6f400752ca1cea5e663da2e
-
Score
10/10
-
Sets service image path in registry
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-