General
Target: b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19
Size: 68KB
Sample: 220725-e2v4aaegej
MD5: b9c10800e4b2245306057caa1dac0704
SHA1: dfc1723db08203c810f4c3275f8b4b8f74e49c23
SHA256: b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19
SHA512: 72db923625f429479817b61d49f6d930e8c2548c8d1b02e22897fd9d106e8ecfe3bb8be88465f372553312cd9a5b5d235dbf84801ffc09e4ff9092f66d43a2ea
Static task: static1
Behavioral task: behavioral1
  Sample: b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19.exe
  Resource: win7-20220718-en
Behavioral task: behavioral2
  Sample: b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19.exe
  Resource: win10v2004-20220721-en
Malware Config
Extracted: guloader
https://drive.google.com/uc?export=download&id=1Qv9IyiWXodx2L9TJuKBQsIJ32rn-Ayuq
Targets
Target: b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19
Size: 68KB
MD5: b9c10800e4b2245306057caa1dac0704
SHA1: dfc1723db08203c810f4c3275f8b4b8f74e49c23
SHA256: b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19
SHA512: 72db923625f429479817b61d49f6d930e8c2548c8d1b02e22897fd9d106e8ecfe3bb8be88465f372553312cd9a5b5d235dbf84801ffc09e4ff9092f66d43a2ea
Score: 10/10
- Guloader payload
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext