General
-
Target
ed02b4cc571ceaadf34bf9c97715a26c219269c5021b66a355c6a3bfbe6171f4
-
Size
16KB
-
Sample
220701-r8lveaghfr
-
MD5
4307667bbed00269e705b7ac3280c8f6
-
SHA1
96e3ec94d8f005dceb9469cdc0df4ee05c385f10
-
SHA256
ed02b4cc571ceaadf34bf9c97715a26c219269c5021b66a355c6a3bfbe6171f4
-
SHA512
9ac54f53e24cf3d7196c00d0a1494dd1e5d9a106deb7f5f2343fa9caac43107b8d2983e142640bd815843b658e380d2a766272c67f9bb627d7da9d1aa3d2b071
Static task
static1
Behavioral task
behavioral1
Sample
DHL Delivery Document.scr
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
DHL Delivery Document.scr
Resource
win10v2004-20220414-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1gKqCSICYGIrZRanQX1uIQYJBckKa2fUb
Targets
-
-
Target
DHL Delivery Document.scr
-
Size
48KB
-
MD5
45439e2dfdd3b1f54b4952a46b487fa4
-
SHA1
d8becaffacaf238a8abe233bff210963d0d36e1e
-
SHA256
bac78784a96599a619b48b9998c449d213cd113bda215a0b6fe11e358e336785
-
SHA512
38532b48e6e71907fbd569e4e3ee71322f019368efa1db89f39f9a7b0dd5440859c9b824f6d2f0bda4c7c63ea95547f003c3db3fd571b41ffd75fdf07ea225bf
Score10/10-
Guloader Payload
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-