General
-
Target
1a9d214667853658003a7ca54c0da42dcd2212ce8d52d343f32dd1a285c9e72b
-
Size
132KB
-
Sample
220502-ry481ahdel
-
MD5
d56e6e9b25a048853b9654eff97fda8c
-
SHA1
ca244579a5a07717c0411a76302fe234db702517
-
SHA256
1a9d214667853658003a7ca54c0da42dcd2212ce8d52d343f32dd1a285c9e72b
-
SHA512
643e18daa7dd50f1e46af00cb82943d5e83aca04b9089cc43f70c175dc83f5a4415ee2e775e0239f56f2e70052e23d78e0b6e7d941a4446bcd9303e27cdb6b14
Static task
static1
Behavioral task
behavioral1
Sample
1a9d214667853658003a7ca54c0da42dcd2212ce8d52d343f32dd1a285c9e72b.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1a9d214667853658003a7ca54c0da42dcd2212ce8d52d343f32dd1a285c9e72b.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1xoAYE4lBiFtYTtM7qlk0iMOADY4FL-5u
Targets
-
-
Target
1a9d214667853658003a7ca54c0da42dcd2212ce8d52d343f32dd1a285c9e72b
-
Size
132KB
-
MD5
d56e6e9b25a048853b9654eff97fda8c
-
SHA1
ca244579a5a07717c0411a76302fe234db702517
-
SHA256
1a9d214667853658003a7ca54c0da42dcd2212ce8d52d343f32dd1a285c9e72b
-
SHA512
643e18daa7dd50f1e46af00cb82943d5e83aca04b9089cc43f70c175dc83f5a4415ee2e775e0239f56f2e70052e23d78e0b6e7d941a4446bcd9303e27cdb6b14
Score10/10-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-