Overview

overview

10

Static

static

3

7645692a71...62.exe

windows7-x64

10

7645692a71...62.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-01-2024 16:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7645692a716ae035d0b625b659a8d8790b1394ac4e648d1e07aea77d0c9fcb62.exe

  • Size

    92KB

  • MD5

    29fb7d446d0d5817e0f9d765c8a021f5

  • SHA1

    b66630cb0dfb72142c67b84fd94490e62113d58c

  • SHA256

    7645692a716ae035d0b625b659a8d8790b1394ac4e648d1e07aea77d0c9fcb62

  • SHA512

    a0f8ebc84c60789189f1999d01053d61411e4de1bc4f00f33b4513cb0f4a30faa90a7f1b7b81e0e77a2f48d47a7eebfbfa8167b8bb2bfbcd2b25a281d73134b8

  • SSDEEP

    1536:plnVPEPXgXDxjC/zdUxPN39Yer0RmwspO/uL:T2fgDxjC/2dN3IL2

Score
10/10
guloaderdownloaderguloader

Malware Config

Extracted

Family

guloader

C2

https://dailyhintnews.com.ng/vbb/janomo_ptGjzJn31.bin

xor.base64

Signatures

  • Guloader,Cloudeye

    A shellcode based downloader first seen in 2020.

    downloaderguloader
  • Guloader payload 1 IoCs
    guloader
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7645692a716ae035d0b625b659a8d8790b1394ac4e648d1e07aea77d0c9fcb62.exe
    "C:\Users\Admin\AppData\Local\Temp\7645692a716ae035d0b625b659a8d8790b1394ac4e648d1e07aea77d0c9fcb62.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:320

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/320-2-0x0000000002970000-0x000000000297B000-memory.dmp
    Filesize

    44KB

    Download