Analysis

max time kernel: 148s
max time network: 154s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
submitted: 31-01-2024 16:32
Static task: static1

Behavioral task: behavioral1
  Sample: 7645692a716ae035d0b625b659a8d8790b1394ac4e648d1e07aea77d0c9fcb62.exe
  Resource: win7-20231129-en

Behavioral task: behavioral2
  Sample: 7645692a716ae035d0b625b659a8d8790b1394ac4e648d1e07aea77d0c9fcb62.exe
  Resource: win10v2004-20231215-en
General

Target: 7645692a716ae035d0b625b659a8d8790b1394ac4e648d1e07aea77d0c9fcb62.exe
Size: 92KB
MD5: 29fb7d446d0d5817e0f9d765c8a021f5
SHA1: b66630cb0dfb72142c67b84fd94490e62113d58c
SHA256: 7645692a716ae035d0b625b659a8d8790b1394ac4e648d1e07aea77d0c9fcb62
SHA512: a0f8ebc84c60789189f1999d01053d61411e4de1bc4f00f33b4513cb0f4a30faa90a7f1b7b81e0e77a2f48d47a7eebfbfa8167b8bb2bfbcd2b25a281d73134b8
SSDEEP: 1536:plnVPEPXgXDxjC/zdUxPN39Yer0RmwspO/uL:T2fgDxjC/2dN3IL2
Malware Config

Extracted
  Family: guloader
  URL: https://dailyhintnews.com.ng/vbb/janomo_ptGjzJn31.bin
Signatures

Guloader, Cloudeye
A shellcode-based downloader first seen in 2020.

Guloader payload (1 IoCs)
Processes:
  resource: behavioral2/memory/320-2-0x0000000002970000-0x000000000297B000-memory.dmp
  yara_rule: family_guloader

Suspicious use of SetWindowsHookEx (1 IoCs)
Processes:
  pid: 320
  process: 7645692a716ae035d0b625b659a8d8790b1394ac4e648d1e07aea77d0c9fcb62.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads

memory/320-2-0x0000000002970000-0x000000000297B000-memory.dmp
  Filesize: 44KB