General
Target: 9a4cfa63e71d64fe29c002dade42cb80
Size: 132KB
Sample: 240214-am58gsdg32
MD5: 9a4cfa63e71d64fe29c002dade42cb80
SHA1: fee9dd36e12020a81d8d5b7fbdf2e4d4974cffe8
SHA256: e37b6c9937f5d466286ab7312fb36e8717d9dac0bcee4eacb62bbf0d03bcf0a0
SHA512: 2a6209196313941ac1c3ff0c42f70315fc84e7efbc85326e0708ce00fdb1dd03c31774c5b84e180a700ec397758961e24aeb58961d3608ab7b402cc02577fd58
SSDEEP: 1536:tNA9IuclaDPyC1F6oVSDwxDaBXnwyk0k:trQDx8oVGkmwyk0k
Static task: static1
Behavioral task: behavioral1
Sample: 9a4cfa63e71d64fe29c002dade42cb80.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 9a4cfa63e71d64fe29c002dade42cb80.exe
Resource: win10v2004-20231222-en
Malware Config
Extracted: guloader
https://drive.google.com/uc?export=download&id=1O1gMNFwJRw0M-JFGN_RrjxggpKltAEVy
Targets
Target: 9a4cfa63e71d64fe29c002dade42cb80
Size: 132KB
MD5: 9a4cfa63e71d64fe29c002dade42cb80
SHA1: fee9dd36e12020a81d8d5b7fbdf2e4d4974cffe8
SHA256: e37b6c9937f5d466286ab7312fb36e8717d9dac0bcee4eacb62bbf0d03bcf0a0
SHA512: 2a6209196313941ac1c3ff0c42f70315fc84e7efbc85326e0708ce00fdb1dd03c31774c5b84e180a700ec397758961e24aeb58961d3608ab7b402cc02577fd58
SSDEEP: 1536:tNA9IuclaDPyC1F6oVSDwxDaBXnwyk0k:trQDx8oVGkmwyk0k
Score: 10/10
- Guloader payload
- Adds Run key to start application
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext