General
Target: 5c2a9485bed7d1f6801f975c84fe95fceb35165423748403ae0096df8f8dc370
Size: 60KB
Sample: 220724-rtms6afeg5
MD5: a1ac955ae6af1910309233788356726d
SHA1: 454cf29b26d89b88aae3af730b188c96829b234e
SHA256: 5c2a9485bed7d1f6801f975c84fe95fceb35165423748403ae0096df8f8dc370
SHA512: 85d414666a23a5e141532f03ba1930e99c66000c3d6a1c20af76e38a33c6effd1e3fbb00e7fa170f4f295bffea43a447aceedddab429f94f182da9834b1529eb
Static task: static1
Behavioral task: behavioral1
Sample: 5c2a9485bed7d1f6801f975c84fe95fceb35165423748403ae0096df8f8dc370.exe
Resource: win7-20220715-en
Behavioral task: behavioral2
Sample: 5c2a9485bed7d1f6801f975c84fe95fceb35165423748403ae0096df8f8dc370.exe
Resource: win10v2004-20220721-en
Malware Config
Extracted: guloader
https://drive.google.com/uc?export=download&id=1FSJkDEZL9rT76ZQ6DMmrtaQ4IY-_8d3B
Targets
Target: 5c2a9485bed7d1f6801f975c84fe95fceb35165423748403ae0096df8f8dc370
Score: 10/10
Signatures:
- Guloader payload
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext