General
-
Target
5a67e9f65346a9423156113b8b60337f120d23ff66b5c5c62bcb66b07a688283
-
Size
48KB
-
Sample
221125-ky45nsad8s
-
MD5
9ffe09f834b42493ff398567de88c499
-
SHA1
a2fed2eeab9d910fc4c4ddbbde438056ec88ed32
-
SHA256
5a67e9f65346a9423156113b8b60337f120d23ff66b5c5c62bcb66b07a688283
-
SHA512
8de3c9a95311320c3f1b53545728d3ce546cfcbae75fc37cda2ffcc019c892c8676287e25605e4c2075142658831e2fba7900c5f3622f9edfb683a145337af95
-
SSDEEP
384:9CopH6A/4i34c8ac8f2clBb1lTEABlayQo2HJccwyzm3KgS7fibQF:9CopH6A/4io+f2wh1K4abfHJoVbQ
Static task
static1
Behavioral task
behavioral1
Sample
5a67e9f65346a9423156113b8b60337f120d23ff66b5c5c62bcb66b07a688283.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
5a67e9f65346a9423156113b8b60337f120d23ff66b5c5c62bcb66b07a688283.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1CjLNy9FQ6UGCKk0Hd2ScyQzknCRIVmaG
Targets
-
-
Target
5a67e9f65346a9423156113b8b60337f120d23ff66b5c5c62bcb66b07a688283
-
Score
10/10
-
Guloader payload
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-