General
-
Target
bb80c46035df59c0729d88220dd8288ad58f17a4b572f2c27083467ef2d5c24a
-
Size
84KB
-
Sample
220725-fx9xbagchq
-
MD5
c8ca26f02cfb52a0665200eed3e5181d
-
SHA1
c1a323ed96db112410fec54918d68d221577807a
-
SHA256
bb80c46035df59c0729d88220dd8288ad58f17a4b572f2c27083467ef2d5c24a
-
SHA512
7f44e3a326caf6b00d0238617928fbe853c45e42843085ff3e454ddb1573b4881ba66018566453b66ce68daab396460cde44599389901bc44622311c9d848934
Static task
static1
Behavioral task
behavioral1
Sample
bb80c46035df59c0729d88220dd8288ad58f17a4b572f2c27083467ef2d5c24a.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
bb80c46035df59c0729d88220dd8288ad58f17a4b572f2c27083467ef2d5c24a.exe
Resource
win10v2004-20220721-en
Malware Config
Targets
Target
bb80c46035df59c0729d88220dd8288ad58f17a4b572f2c27083467ef2d5c24a
Score
10/10
-
Guloader payload
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-