General
Target
638ea18bb14c65b7a4f34e94ad1cf7ba04e0cde85db754e65ea654e8bb42f046
Size
116KB
Sample
220724-z7ct4shadl
MD5
290d5e5150cea94d380e5e161e8dc8fa
SHA1
1d5947a824ec50a0e61146810a9eab89f34c11e6
SHA256
638ea18bb14c65b7a4f34e94ad1cf7ba04e0cde85db754e65ea654e8bb42f046
SHA512
5bddc04b8957ffc1461ee02930b3686dcae2988cd44f7e84eb0ffde21af8677351842086937f86c7df02c74b82e4fee9350ecf5e96fcde061b8069a02aa907c7
Static task
static1
Behavioral task
behavioral1
Sample
638ea18bb14c65b7a4f34e94ad1cf7ba04e0cde85db754e65ea654e8bb42f046.exe
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
638ea18bb14c65b7a4f34e94ad1cf7ba04e0cde85db754e65ea654e8bb42f046.exe
Resource
win10v2004-20220721-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1QH8JFoOIOhbcnrzfFUlcoNpabgmqAKM8
Targets
Target
638ea18bb14c65b7a4f34e94ad1cf7ba04e0cde85db754e65ea654e8bb42f046
Score
10/10
Guloader payload
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext