General
Target
92d3f3039854249430fa9d8aea81e6813add46a6ed80e3b8934840f48e386124
Size
188KB
Sample
220724-rq4bqsfdg2
MD5
be776a651ec6df65bd524ab1a5c19908
SHA1
0f56947349bcd36118b559f46e908decbe99bebf
SHA256
92d3f3039854249430fa9d8aea81e6813add46a6ed80e3b8934840f48e386124
SHA512
214882b02e774d184ea33c24ba6f504420ae88470c8ba12a22929f4ff94c135a80bfaac5d687424620c8113667aac7e4e0cfab6221a9bcbdff700e226f044ce6
Static task
static1
Behavioral task
behavioral1
Sample
92d3f3039854249430fa9d8aea81e6813add46a6ed80e3b8934840f48e386124.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
92d3f3039854249430fa9d8aea81e6813add46a6ed80e3b8934840f48e386124.exe
Resource
win10v2004-20220721-en
Malware Config
Extracted
guloader
http://84.16.248.166/photo/photo_encrypted_4433460.bin
Targets
Target
92d3f3039854249430fa9d8aea81e6813add46a6ed80e3b8934840f48e386124
Score
10/10
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext