General
-
Target
75dee70b0047e52c6f917d72cd604aa2ae7a84ebc93b9884e3c26267d601bb99
-
Size
19KB
-
Sample
220701-sdgsmsagf4
-
MD5
a30dd138d63c03109308bb2a50ccf55d
-
SHA1
8b6ba7c70dd1d7be431e9da0548d52265924633a
-
SHA256
75dee70b0047e52c6f917d72cd604aa2ae7a84ebc93b9884e3c26267d601bb99
-
SHA512
12938148284f11d73407181f095ffa852f598a7a891b8fbb090a7fb4fc878edd4ebbf880769e5644a7f8b5da4a57ca626e2336ee52d5a9a8d75b2b81aa83bda3
Static task
static1
Behavioral task
behavioral1
Sample
Shipment Doc_58895592612.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Shipment Doc_58895592612.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1NyXP84dulE0oDd6gCNcC5COgBELKShl5
Targets
-
-
Target
Shipment Doc_58895592612.exe
-
Size
64KB
-
MD5
ca44231475c356476956fe42f9d22f9d
-
SHA1
2b7ee5dae6182ff36430316bef7810d8bd29d89a
-
SHA256
710e897de806be68f2888fa89da4479429409cae595a8c7f8c582cc0de722083
-
SHA512
f6fafddba8ee2194e7206aaf1739bbd4aa72b687676e9df08810e05ed8c11373da494a1a87a3b0b8bb511917232f2926908e48f2a6b337d7cd505333aa8148b3
Score10/10-
Guloader Payload
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-