General
Target: fd6e6be3f9dd51b452068d326d464dffa64e0669773e7d24d90e93407a627b34
Size: 60KB
Sample: 220724-vjnjgsbhbl
MD5: 0fb79c89f1013b87699385a4deb5bafa
SHA1: 0c6e93dadad8c9750f8301184116c68d6ad675dc
SHA256: fd6e6be3f9dd51b452068d326d464dffa64e0669773e7d24d90e93407a627b34
SHA512: 7cb5d4b5ded1c7fd5a7304f16f8f3c9c1d145c4b336692da5e4a67621ccce49e9f1d83e488204936baae7fa15c1b6d70568b7ee7a77e10eb9964bfd75b7cb816
Static task: static1
Behavioral task: behavioral1
Sample: fd6e6be3f9dd51b452068d326d464dffa64e0669773e7d24d90e93407a627b34.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: fd6e6be3f9dd51b452068d326d464dffa64e0669773e7d24d90e93407a627b34.exe
Resource: win10v2004-20220721-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1s6Jk7utxfKJOqqXxtrZJtXj2BPIgDzPT
Targets
Target: fd6e6be3f9dd51b452068d326d464dffa64e0669773e7d24d90e93407a627b34
Score: 10/10
Guloader payload
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext