General
Target
10e5aba7f34c9acff9ff3bd7d959fd719ca6327dc09f5dbdd976167ad6304f9c.exe
Size
112KB
Sample
240226-h2tf8sgc5t
MD5
b0fb65f8075670b46aa1491da4f51c90
SHA1
fd87f96e5a300f71278aa6ad1ccdb8dd01c1de2a
SHA256
10e5aba7f34c9acff9ff3bd7d959fd719ca6327dc09f5dbdd976167ad6304f9c
SHA512
69e6d9631c81a48ba5301f8b978fb698f7ed1d9335ec0e7a6775fef925796cd7628f3a8699169025a115b3f7b042cd655a3078d5281fb088d6c548a576c1a986
SSDEEP
3072:TBtjiTHGb/fyQW6qqxFRsvPOW31bfrnb/dtXG12:TDVqQ+
Static task
static1
Behavioral task
behavioral1
Sample
10e5aba7f34c9acff9ff3bd7d959fd719ca6327dc09f5dbdd976167ad6304f9c.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
10e5aba7f34c9acff9ff3bd7d959fd719ca6327dc09f5dbdd976167ad6304f9c.exe
Resource
win10v2004-20240221-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1x4QIaEIYJueFynpzhwtnkaCxNkLmm3B0
Targets
Target
10e5aba7f34c9acff9ff3bd7d959fd719ca6327dc09f5dbdd976167ad6304f9c.exe
Score
10/10
Guloader payload
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext