General
Target: 25baa5a4cc0147ca1dbaca906af789daa667ffbdde7c34dbdf398ce01b85f6a3.7z
Size: 23KB
Sample: 230622-ppmlgsed24
MD5: 2944426d4916c3348f3dfc9bc7f07b3d
SHA1: 1e517273d0bb7b706f765de9420790ab0c29929d
SHA256: ef52f61d72293b77684d3a964c2364594ab247c455b3f1085734c70e6c309923
SHA512: 62bb601ca9e6229c12f2bf21fc796f4aa95a3498228526aa549185837c0ee023d4987ad57f4b5840d12c4032687bd183e38b0233db342f958a0efa555de10803
SSDEEP: 384:2L6E5zqKicER8DEoOd3EglUqNSmHsV1B51pXpaY6ZDkJWqVx4:27LV28DEosJ7NSmS1T1p36yJWqVO
Static task: static1
Behavioral task: behavioral1
Sample: 25baa5a4cc0147ca1dbaca906af789daa667ffbdde7c34dbdf398ce01b85f6a3.exe
Resource: win10v2004-20230621-en
Malware Config
Extracted: guloader
https://drive.google.com/uc?export=download&id=10PD-W3hWlmuvHXXk8P04aQBvtnEAA19B
Targets
Target: 25baa5a4cc0147ca1dbaca906af789daa667ffbdde7c34dbdf398ce01b85f6a3
Size: 120KB
MD5: a316a5b62622650b5935330e50b3162a
SHA1: 433a20935b701abce79913d55939fc902534886f
SHA256: 25baa5a4cc0147ca1dbaca906af789daa667ffbdde7c34dbdf398ce01b85f6a3
SHA512: 3c20726f478e0db072e10b77d18dd941e27ab124a2a30be19730d991d8b3e2811b1f2eef488d2834ba4c6d9270c80a5ef979c525dc67193a172934244cd8f453
SSDEEP: 1536:fi5RdyK4JDkBQomLWVNeEL9Zt2gpi5RdyK4JDkBQomLWVNeEL:6NAWQomId0NAWQomI
Score: 10/10
- Guloader payload
- Adds Run key to start application
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext