General
- Target: 25baa5a4cc0147ca1dbaca906af789daa667ffbdde7c34dbdf398ce01b85f6a3.7z
- Size: 23KB
- Sample: 230623-nz43vaee86
- MD5: 40b8690f2a1b1db9960cabe8343cc835
- SHA1: 315240a4422f238945465e36c9e303e95389a36f
- SHA256: 4e9e679e0a75b7e5156f207d63e805ca76dbbd9ebac47fae5caf2b76f457dc86
- SHA512: 149005cff50164ca74bbeffa198d7a2d839ff78265ab65e6e0a07c7690d754c9c23cade6b3cfd3dcf703e03cf84c5f6aec41104c27757459ee18a411673d12b6
- SSDEEP: 384:6Ho5YNhg4lvqka23JfbetIccrihK7dnOtaWmA4Gn8d63+DnfFOylioEFlmmPEdAg:6jRa25hr+edOtaWmz4kTlibTxrRsjj
- Static task: static1
- Behavioral task: behavioral1
- Sample: 25baa5a4cc0147ca1dbaca906af789daa667ffbdde7c34dbdf398ce01b85f6a3.exe
- Resource: win10v2004-20230621-en

Malware Config
Extracted
- guloader
- https://drive.google.com/uc?export=download&id=10PD-W3hWlmuvHXXk8P04aQBvtnEAA19B

Targets
- Target: 25baa5a4cc0147ca1dbaca906af789daa667ffbdde7c34dbdf398ce01b85f6a3
- Size: 120KB
- MD5: a316a5b62622650b5935330e50b3162a
- SHA1: 433a20935b701abce79913d55939fc902534886f
- SHA256: 25baa5a4cc0147ca1dbaca906af789daa667ffbdde7c34dbdf398ce01b85f6a3
- SHA512: 3c20726f478e0db072e10b77d18dd941e27ab124a2a30be19730d991d8b3e2811b1f2eef488d2834ba4c6d9270c80a5ef979c525dc67193a172934244cd8f453
- SSDEEP: 1536:fi5RdyK4JDkBQomLWVNeEL9Zt2gpi5RdyK4JDkBQomLWVNeEL:6NAWQomId0NAWQomI
- Score: 10/10
- Guloader payload
- Adds Run key to start application
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext