General

  • Target: DHL STATEMENT OF ACCOUNT - 1300396411.exe
  • Size: 382KB
  • Sample: 230830-g92xxaab58
  • MD5: 8186e2dced0e97d5bf21e89459d08653
  • SHA1: 39a382102936a392f74b0923d2595856368709c3
  • SHA256: 9eb859c925f27565d216c594e9dbb1b6fc7aef5d13d3528bc03a1c87c3dcab66
  • SHA512: 826e704f47cbf797069a0d241f6eee700057619013d02547798095dea79118b8e299f9c319bf55cfcdfeb171c790779c33bf3c3b273804e21ca4fcd20a7f0dc2
  • SSDEEP: 6144:c6dk3MEN6hJN6lyGtvmR95ZU1uoPCLHn3eFrsh7gEQ0eshbYZDZEw:icESaDtvmrXU1z+n3dxY0fbYZ9E

Score
10/10

Malware Config

Targets

    • Target: DHL STATEMENT OF ACCOUNT - 1300396411.exe

    Score
    10/10
    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks