General

  • Target

    f010c514-a59b-4b68-9ea7-1cc9eac9ce66.pdf.exe

  • Size

    637KB

  • Sample

    231201-hmnx7sfg5x

  • MD5

    998ff92384eae540a3c9ba7a89e87dee

  • SHA1

    e8b248f9e8f9d6a041b38fe751f6dbcc3693e001

  • SHA256

    c25d8f1bc1238914fe5b137775de3806c192a20ad3a7c77228a62a0dbdaa3eeb

  • SHA512

    6e5dea7061d0e83bda7b6778d53306b86810b78a6c90964ff08913bde9e8a0f2aa42b852bc31aad8a2c14075c754a4df97423648ca0a07c88c77fde864005178

  • SSDEEP

    12288:tkEnhe2eNyllWH50DO0uI/WEmue9SEgf3RfiMv3aqEAdv522K7abjI:bhenyLtkaJe9dsB7EAdv02K7abj

Score
10/10

Malware Config

Targets

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks