General

  • Target

    SecuriteInfo.com.Win32.Evo-gen.11469.23107.exe

  • Size

    593KB

  • Sample

    231212-kcemwsbca4

  • MD5

    4aa0a020c0726fec47b64504674b1ece

  • SHA1

    768f72be43f676c84587a65e40d905d1f69014f4

  • SHA256

    976be3f04529b328e1fa9b0f173924c2a0dd3296734eb20fcd922b3171e5a547

  • SHA512

    46ff62e747e829c5a7be14f443bff7c6e35fc12494ca9b3e76d4a04f7f81c200a205ad409da9db773b92dac614bda7a83ac733d2498f2571cdc49211e3b17012

  • SSDEEP

    12288:NkgkxGsY2TsW/08g07dRhUObTs8TYamQOSm4Lq0:zkxGsYOsUTTR+ObdsamBS/Lq

Score
10/10

Malware Config

Targets

    • Guloader, Cloudeye

      A shellcode based downloader first seen in 2020.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks