General
- Target: 10e5aba7f34c9acff9ff3bd7d959fd719ca6327dc09f5dbdd976167ad6304f9c_bb31bb50a27cf9f9c1020a3a07308b6a247016f7e61d76cd65f55878fe3aa479.exe
- Size: 115KB
- Sample: 240226-h2t3rsgc5v
- MD5: ed7f7b7b495dc71b85aaac38b267b5e3
- SHA1: e4eac720e34303d753f84f5047ef8e99d05b0696
- SHA256: bb31bb50a27cf9f9c1020a3a07308b6a247016f7e61d76cd65f55878fe3aa479
- SHA512: 76a4d7fe82de32e3ad86b0be9c827516f57a9aff1e046b6d25564bb4d7b749d68db857dd18bf738e81f36a3dc0694533201ce62b4be75e368d4b6e850493bfaf
- SSDEEP: 3072:TBtjiTHGb/fyQW6qqxFRsvPOW31bfrnb/dtXG12X:TDVqQ+Z
Static task
- static1

Behavioral task
- behavioral1
- Sample: 10e5aba7f34c9acff9ff3bd7d959fd719ca6327dc09f5dbdd976167ad6304f9c_bb31bb50a27cf9f9c1020a3a07308b6a247.exe
- Resource: win7-20240221-en

Behavioral task
- behavioral2
- Sample: 10e5aba7f34c9acff9ff3bd7d959fd719ca6327dc09f5dbdd976167ad6304f9c_bb31bb50a27cf9f9c1020a3a07308b6a247.exe
- Resource: win10v2004-20240221-en
Malware Config
Extracted
- Family: guloader
- URL: https://drive.google.com/uc?export=download&id=1x4QIaEIYJueFynpzhwtnkaCxNkLmm3B0
Targets
- Target: 10e5aba7f34c9acff9ff3bd7d959fd719ca6327dc09f5dbdd976167ad6304f9c_bb31bb50a27cf9f9c1020a3a07308b6a247016f7e61d76cd65f55878fe3aa479.exe (same file as listed under General; size and hashes are given there)
Score
- 10/10
- Guloader payload
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext