General

  • Target

    4567865456.doc

  • Size

    42KB

  • Sample

    230712-hkshlscc46

  • MD5

    ca1a99d73b9701b2a26817352c6e2935

  • SHA1

    2f670bd6f2fd13d3de09db2b8b8149456e1066c3

  • SHA256

    56ba3547bff5214afe4d7ccd370deed7f43f44a2accab47d9360493186a32ddc

  • SHA512

    d39d5e79a875ddb7ada160b82edbb2299cee975b4e730a6f58e37f1d18ceb96229f3ea0eaac0974a9d8273b878eac402b6318e01aaa70f826f0af685197c976d

  • SSDEEP

    768:TFx0XaIsnPRIa4fwJMjxicDhKSv1k9/xIHVo6jQ5PbTZlx9:Tf0Xvx3EMjxicDhKo1k9UoSSPbTbx9

Malware Config

Targets

    • Target

      4567865456.doc

    • Guloader,Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks