General
-
Target
bfd13f95b95c437e7f96fa29c687c056bc0ed4aa67893274ddc38a68f81e9a37
-
Size
60KB
-
Sample
220701-e13fzadgb6
-
MD5
401c5beadf4c7e0d28128e94e007af81
-
SHA1
2ac7ba7677e2d79cec8b4751f5a237e5bd21214c
-
SHA256
bfd13f95b95c437e7f96fa29c687c056bc0ed4aa67893274ddc38a68f81e9a37
-
SHA512
c77994dcb051320c3b78d69e94c7c66ccc645ce928790f8738127020e810ef6ec452f8dfb68d6daa4710aea851c10e6003318bec5dc2499b7066049bffc0aac9
Static task
static1
Behavioral task
behavioral1
Sample
bfd13f95b95c437e7f96fa29c687c056bc0ed4aa67893274ddc38a68f81e9a37.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
bfd13f95b95c437e7f96fa29c687c056bc0ed4aa67893274ddc38a68f81e9a37.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
guloader
https://garyssales.com/c4.bin
Targets
-
-
Target
bfd13f95b95c437e7f96fa29c687c056bc0ed4aa67893274ddc38a68f81e9a37
-
Score
10/10
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-