Analysis

max time kernel: 42s
max time network: 46s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
submitted: 29-01-2023 21:57
Static task: static1

Behavioral task: behavioral1
  Sample: 90a4f8162296ffdc1fad4879a02b055273718b68ad7a5f63425fd2abc4580d41.exe
  Resource: win7-20220812-en

Behavioral task: behavioral2
  Sample: 90a4f8162296ffdc1fad4879a02b055273718b68ad7a5f63425fd2abc4580d41.exe
  Resource: win10v2004-20220812-en
General

Target: 90a4f8162296ffdc1fad4879a02b055273718b68ad7a5f63425fd2abc4580d41.exe
Size: 108KB
MD5: 5b98eac53149ca54211b9210894ecfdb
SHA1: f896d8915f871a6244e655cbf7bc92f4e3f3d247
SHA256: 90a4f8162296ffdc1fad4879a02b055273718b68ad7a5f63425fd2abc4580d41
SHA512: 21fc564e9a5d2681af9af481d0314c2aea881975214d83695f484a945e0401edb70385a5f262edfe57253614af6177316dcb9d73a97b637fdb6956b59d25d46d
SSDEEP: 1536:LLKiaVpbyQkLoYnH17XvQnKVk7/a+/zbiuuxVP3jJfLYQ/c:PhH17XATa+rxu/xLYQ/c
Malware Config

Extracted (guloader):
  https://onedrive.live.com/download?cid=1EF46D95820B4241&resid=1EF46D95820B4241%21128&authkey=AN8LgKMfyKd8UvE
Signatures

Guloader, Cloudeye
  A shellcode-based downloader first seen in 2020.

Suspicious use of SetWindowsHookEx (1 IoC)
  Processes:
    pid   process
    836   90a4f8162296ffdc1fad4879a02b055273718b68ad7a5f63425fd2abc4580d41.exe