General

  • Target: host.exe
  • Size: 72KB
  • Sample: 230201-gn3mbaca96
  • MD5: 77e274fe35709e417213cacbeb090b53
  • SHA1: 58528c77fb6340c1bd659adb4f0a4d28f752fda1
  • SHA256: d490661dcff030b97bacdd4348c11266a7c7a81a7bc6385add5b2fd9d612ab58
  • SHA512: 21165730c5ae75a0825411dc3b7b18ea62145041d73ccaff2fcb4a3757c025c32d0141251be0910e99d09e6d2b9617842f66cf93fbd50d4ad0da8241dbdf076f
  • SSDEEP: 1536:Ovdj1r4wTItcPbp1tTnQK6Tj1r4wTItcPbp1z:wj1rPTI2p1tTnQK6Tj1rPTI2p1z

Score: 10/10

Malware Config

Targets

    • Guloader, Cloudeye: a shellcode-based downloader first seen in 2020.
    • Legitimate hosting services abused for malware hosting/C2
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery
  • Query Registry (T1012): 1
  • System Information Discovery (T1082): 1

Command and Control
  • Web Service (T1102): 1

Tasks