General
Target: f034d6cc73213f098edd8e326c4346b25bf7fb694c7a4d59c138471f9a1c6531
Size: 116KB
Sample: 220731-ks94qsghe4
MD5: 3d7213ddcbefc0c5f023ddfcc2d3d846
SHA1: ec1367cecf86baec22f2bfb0cd4ce2e0fea331d6
SHA256: f034d6cc73213f098edd8e326c4346b25bf7fb694c7a4d59c138471f9a1c6531
SHA512: 4dbcb4faa143bed8ed869196b2a59dd29cad257d00c225b8affc967c05142a45414e112589db7acd60b1b6a5fedccd9fb31578064a8d4564cfd9c5c0fa7cfa51
Static task: static1
Behavioral task: behavioral1
Sample: f034d6cc73213f098edd8e326c4346b25bf7fb694c7a4d59c138471f9a1c6531.exe
Resource: win7-20220715-en
Behavioral task: behavioral2
Sample: f034d6cc73213f098edd8e326c4346b25bf7fb694c7a4d59c138471f9a1c6531.exe
Resource: win10v2004-20220722-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1q-1xTD9weiWyiJIbO51ubhF470YCiWrW
Targets
Target: f034d6cc73213f098edd8e326c4346b25bf7fb694c7a4d59c138471f9a1c6531
Score: 10/10
Guloader payload
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext