Analysis

  • max time kernel
    129s
  • max time network
    142s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/08/2023, 11:06

General

  • Target

    2628491ce2c3c07681c36245160e29578e768d6f1009cfd6056878877bb528b7.exe

  • Size

    5.4MB

  • MD5

    4d6b3a0804e34b5cfaa06c39f8f9e3d3

  • SHA1

    5958895891d994736726b540f40696e6484fcffc

  • SHA256

    2628491ce2c3c07681c36245160e29578e768d6f1009cfd6056878877bb528b7

  • SHA512

    50a444bd49309159a0f6b8022ce28ce4df05364ef089e070ced24359d32b109ebfaee42adf384df9d3547cb71d985c8eaf938e4c5eace6b17223475c09068bdf

  • SSDEEP

    6144:yM7IzlJxJFJlXJGJWJ+JUJ+JhJ+JQJ+JWJ+J/J+J/J+JbJ+JlJ+JBJQJ+JBJ+J+n:yMQusV

Score
10/10

Malware Config

Signatures

  • Guloader,Cloudeye

    A shellcode based downloader first seen in 2020.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2628491ce2c3c07681c36245160e29578e768d6f1009cfd6056878877bb528b7.exe
    "C:\Users\Admin\AppData\Local\Temp\2628491ce2c3c07681c36245160e29578e768d6f1009cfd6056878877bb528b7.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3384

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/3384-135-0x00000000028E0000-0x00000000028F1000-memory.dmp

          Filesize

          68KB

        • memory/3384-136-0x00000000028E0000-0x00000000028F1000-memory.dmp

          Filesize

          68KB