General

Target: abfadf2fcaa0d8bf13901960cc14ec23ab396c03d32ad7e102c93584b7cd1dd8
Size: 120KB
Sample: 220724-2f5rxsahc6
MD5: dcc82e7b59b1b976698866b9a09e5650
SHA1: a01dfeb077699ae00a866db03c043cc8f59bf2e0
SHA256: abfadf2fcaa0d8bf13901960cc14ec23ab396c03d32ad7e102c93584b7cd1dd8
SHA512: 9640c3fc4d012be9661c0f77e4ee82f9d377e0381f268d0d3a12322ab13de87ea4fe6e49b6f28bb86a706908127361c1771ea938ea14ee8c51a8d83cd06c25ee
Static task: static1

Behavioral task: behavioral1
Sample: abfadf2fcaa0d8bf13901960cc14ec23ab396c03d32ad7e102c93584b7cd1dd8.exe
Resource: win7-20220718-en

Behavioral task: behavioral2
Sample: abfadf2fcaa0d8bf13901960cc14ec23ab396c03d32ad7e102c93584b7cd1dd8.exe
Resource: win10v2004-20220721-en
Malware Config

Extracted family: guloader
Extracted URL: https://drive.google.com/uc?export=download&id=1RERXCx6FnJXEeduZ6pvKbHy49ktn_8i3
Targets

Target: abfadf2fcaa0d8bf13901960cc14ec23ab396c03d32ad7e102c93584b7cd1dd8
Size: 120KB
MD5: dcc82e7b59b1b976698866b9a09e5650
SHA1: a01dfeb077699ae00a866db03c043cc8f59bf2e0
SHA256: abfadf2fcaa0d8bf13901960cc14ec23ab396c03d32ad7e102c93584b7cd1dd8
SHA512: 9640c3fc4d012be9661c0f77e4ee82f9d377e0381f268d0d3a12322ab13de87ea4fe6e49b6f28bb86a706908127361c1771ea938ea14ee8c51a8d83cd06c25ee
Score: 10/10

Signatures:
- Guloader payload
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext