General
Target: 208509abebdfd82a5382c20e7dd21d9cf209737554c894325f0634a942b5c48e
Size: 80KB
Sample: 220725-e6a9nsehgr
MD5: c993db0156b0741167b10cc7b8005b46
SHA1: 8e579a71c9a5da8f3b80c26bf8e02809b1cb6453
SHA256: 208509abebdfd82a5382c20e7dd21d9cf209737554c894325f0634a942b5c48e
SHA512: 9544d88cb19ee73794f3c42ffa9bd7a93a2b0d004eeed65c98e2772ad4ebf4dbab03963e8110d96aeb8469da12d6576bdaf8d4a397a798bf6742d2478f8d773b
Static task: static1
Behavioral task: behavioral1
  Sample: 208509abebdfd82a5382c20e7dd21d9cf209737554c894325f0634a942b5c48e.exe
  Resource: win7-20220715-en
Behavioral task: behavioral2
  Sample: 208509abebdfd82a5382c20e7dd21d9cf209737554c894325f0634a942b5c48e.exe
  Resource: win10v2004-20220721-en
Malware Config
Extracted: guloader
  https://share.dmca.gripe/tV0BSXiF0O6AY1Gn.bin
Targets
Target: 208509abebdfd82a5382c20e7dd21d9cf209737554c894325f0634a942b5c48e
Score: 10/10
- Guloader payload
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext