Analysis
max time kernel: 22s
max time network: 55s
platform: windows7_x64
resource: win7-20221111-en
resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
submitted: 29-01-2023 16:27

Static task: static1

Behavioral task: behavioral1
Sample: a758f7ee57c6dcccc0b63276a47125db6ccd9ed8a4ce0f7217187326e2b4fbdf.exe
Resource: win7-20221111-en

Behavioral task: behavioral2
Sample: a758f7ee57c6dcccc0b63276a47125db6ccd9ed8a4ce0f7217187326e2b4fbdf.exe
Resource: win10v2004-20220812-en
General
Target: a758f7ee57c6dcccc0b63276a47125db6ccd9ed8a4ce0f7217187326e2b4fbdf.exe
Size: 132KB
MD5: e78c711ec72c356d59e1a0b74859718c
SHA1: d24bc8acecb1b818d87d5c988b21e01bd7acfb3b
SHA256: a758f7ee57c6dcccc0b63276a47125db6ccd9ed8a4ce0f7217187326e2b4fbdf
SHA512: 0e6627fdc65291ca05b7fcb9d3134f3c3b49b25606540192f9dd555e813b13ad84e017f8b0d583f90cd68c150116d5eee7329205b014eb36707d0f468dcf6f95
SSDEEP: 1536:nmnVNuADosHDum4izsnQFyazxrZkr7RPp5Pk7YHOwQ:Wuy4XQFyazx9YNhYSOw
Malware Config
Extracted
guloader
https://onedrive.live.com/download?cid=604AA6C584DB9137&resid=604AA6C584DB9137%21124&authkey=AO7BkNNuodxtFuA
Signatures
Guloader, Cloudeye
A shellcode-based downloader first seen in 2020.

Suspicious use of SetWindowsHookEx (1 IoC)
Processes:
PID   Process
1460  a758f7ee57c6dcccc0b63276a47125db6ccd9ed8a4ce0f7217187326e2b4fbdf.exe