General
Target: f992b24b6c959f25264e1defc1a59aff829fc8d0088f71fba38000f8f5a3239a
Size: 120KB
Sample: 220724-svhfhahaem
MD5: 2a246ac760e3b1f8dc4ba977e48ae1bd
SHA1: d92995d0e0186942bffdc48dce529f339815329a
SHA256: f992b24b6c959f25264e1defc1a59aff829fc8d0088f71fba38000f8f5a3239a
SHA512: b22315c48c98c64a9a33523203d44d27a781371a81b79ca48100540889864509cedd39af506727c38d6e13ffe57d14f9d73f63b8a7f2b9732ffb2466c5fe8862
Static task
static1
Behavioral task
behavioral1
Sample: f992b24b6c959f25264e1defc1a59aff829fc8d0088f71fba38000f8f5a3239a.exe
Resource: win7-20220718-en
Behavioral task
behavioral2
Sample: f992b24b6c959f25264e1defc1a59aff829fc8d0088f71fba38000f8f5a3239a.exe
Resource: win10v2004-20220721-en
Malware Config
Extracted
Family: guloader
URL: https://drive.google.com/uc?export=download&id=1XjUHIgW5T6HcodhQNf4poqrFbSYVe2Qd
Targets
Target: f992b24b6c959f25264e1defc1a59aff829fc8d0088f71fba38000f8f5a3239a
Size: 120KB
MD5: 2a246ac760e3b1f8dc4ba977e48ae1bd
SHA1: d92995d0e0186942bffdc48dce529f339815329a
SHA256: f992b24b6c959f25264e1defc1a59aff829fc8d0088f71fba38000f8f5a3239a
SHA512: b22315c48c98c64a9a33523203d44d27a781371a81b79ca48100540889864509cedd39af506727c38d6e13ffe57d14f9d73f63b8a7f2b9732ffb2466c5fe8862
Score: 10/10
Guloader payload
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext