Analysis

  • max time kernel
    125s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    08/08/2023, 07:37

General

  • Target

    398b8e9702b5f4f831803954197794ed95a8cf146388b06ac939eff85c85f391.exe

  • Size

    256KB

  • MD5

    476226bb89c946a1e3224580357dddad

  • SHA1

    83743cb0e7855b67fad44789535267ae100e6f49

  • SHA256

    398b8e9702b5f4f831803954197794ed95a8cf146388b06ac939eff85c85f391

  • SHA512

    02f72c7f6c8c6f8e3bd88fe11b70d8884a3fe58a7b369270a467b52135e64d67a35a3282440e012ad2456bffb652c81f2955b8a58d7ed037252e4da8612cf684

  • SSDEEP

    1536:naUdNqn30JarWf4YPubvlMiH0giPHfUHT6WW5jUqFSAapU:fs3SmKimPHfg/3

Score
10/10

Malware Config

Signatures

  • Guloader,Cloudeye

    A shellcode based downloader first seen in 2020.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\398b8e9702b5f4f831803954197794ed95a8cf146388b06ac939eff85c85f391.exe
    "C:\Users\Admin\AppData\Local\Temp\398b8e9702b5f4f831803954197794ed95a8cf146388b06ac939eff85c85f391.exe"
    • Suspicious use of SetWindowsHookEx
    PID:1940

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1940-135-0x00000000021F0000-0x00000000021FE000-memory.dmp

    Filesize

    56KB

  • memory/1940-136-0x00000000021F0000-0x00000000021FE000-memory.dmp

    Filesize

    56KB