Overview

overview

10

Static

static

host.exe

windows7-x64

10

host.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    host.exe

  • Size

    72KB

  • Sample

    230201-gn3mbaca96

  • MD5

    77e274fe35709e417213cacbeb090b53

  • SHA1

    58528c77fb6340c1bd659adb4f0a4d28f752fda1

  • SHA256

    d490661dcff030b97bacdd4348c11266a7c7a81a7bc6385add5b2fd9d612ab58

  • SHA512

    21165730c5ae75a0825411dc3b7b18ea62145041d73ccaff2fcb4a3757c025c32d0141251be0910e99d09e6d2b9617842f66cf93fbd50d4ad0da8241dbdf076f

  • SSDEEP

    1536:Ovdj1r4wTItcPbp1tTnQK6Tj1r4wTItcPbp1z:wj1rPTI2p1tTnQK6Tj1rPTI2p1z

Score
10/10
guloaderdownloader

Malware Config

Targets

    • Target

      host.exe

    • Size

      72KB

    • MD5

      77e274fe35709e417213cacbeb090b53

    • SHA1

      58528c77fb6340c1bd659adb4f0a4d28f752fda1

    • SHA256

      d490661dcff030b97bacdd4348c11266a7c7a81a7bc6385add5b2fd9d612ab58

    • SHA512

      21165730c5ae75a0825411dc3b7b18ea62145041d73ccaff2fcb4a3757c025c32d0141251be0910e99d09e6d2b9617842f66cf93fbd50d4ad0da8241dbdf076f

    • SSDEEP

      1536:Ovdj1r4wTItcPbp1tTnQK6Tj1r4wTItcPbp1z:wj1rPTI2p1tTnQK6Tj1rPTI2p1z

    Score
    10/10
    guloaderdownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

        Discovery

        Execution

          Exfiltration

            Impact

              Initial Access

                Lateral Movement

                  Persistence

                    Privilege Escalation

                      Tasks