General
Target: 4b6908ad09c817290c3a37fb078b6667e2479aa32264946e724e8cd39d7de250
Size: 100KB
Sample: 221125-lts3aagh59
MD5: 6dff5a79a9bc46bf3267a234abee1416
SHA1: 9f1812f43c31156297c297f637a0e5dc51d8e727
SHA256: 4b6908ad09c817290c3a37fb078b6667e2479aa32264946e724e8cd39d7de250
SHA512: 55866786a0c0bc68ac23604e59ba7e73570e58690ceebee3133cbd2ae4aa9d5203c260c302a96d2abf6200c17b59bcf0fdd09c7c708649c633c81beefabe2f60
SSDEEP: 768:G729FUTWbLYqHmHF6QwYXPSdDjYA4vH3d7/+dKZo:TnUTWgplsuKdDjpCHt7/+Yo
Static task: static1
Behavioral task: behavioral1
Sample: 4b6908ad09c817290c3a37fb078b6667e2479aa32264946e724e8cd39d7de250.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 4b6908ad09c817290c3a37fb078b6667e2479aa32264946e724e8cd39d7de250.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted family: guloader
URLs:
https://drive.google.com/uc?export=download&id=1LcWyjKOhCqF8z_TZw5yPPFDSHn9QcgVP
http://marckasgfdvc.ug/Host12_encrypted_452A510.bin
Targets
Target: 4b6908ad09c817290c3a37fb078b6667e2479aa32264946e724e8cd39d7de250
Size: 100KB
MD5: 6dff5a79a9bc46bf3267a234abee1416
SHA1: 9f1812f43c31156297c297f637a0e5dc51d8e727
SHA256: 4b6908ad09c817290c3a37fb078b6667e2479aa32264946e724e8cd39d7de250
SHA512: 55866786a0c0bc68ac23604e59ba7e73570e58690ceebee3133cbd2ae4aa9d5203c260c302a96d2abf6200c17b59bcf0fdd09c7c708649c633c81beefabe2f60
SSDEEP: 768:G729FUTWbLYqHmHF6QwYXPSdDjYA4vH3d7/+dKZo:TnUTWgplsuKdDjpCHt7/+Yo
Score: 10/10
Signatures:
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext