Overview

overview

10

Static

static

1

88bdbcde8b...f1.exe

windows7-x64

10

88bdbcde8b...f1.exe

windows10-2004-x64

4

Immatrikul...ns.ps1

windows7-x64

8

Immatrikul...ns.ps1

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    88bdbcde8b2d570627dc08c006aa9636a69beb588c9a17e651ce783a7450f7f1.exe

  • Size

    685KB

  • Sample

    240315-cxp1csgd29

  • MD5

    19ab7a94788f74e80ccd992895853796

  • SHA1

    a39d701199164f300f8715e72630ffae0679f86f

  • SHA256

    88bdbcde8b2d570627dc08c006aa9636a69beb588c9a17e651ce783a7450f7f1

  • SHA512

    4f7e2a2a99f29f21b60f5208937dc19cc6f350152fd8147069840261161715fe7ec6637ced5fd7e4f8f60c0d87879f32f33fd45325db4544435afec9b2f9c59a

  • SSDEEP

    12288:3NCe3Ka5ATVEhjHskBmQwwLETQsAVudsBvAFuMricTsN:3NCVaG+jMkcQwBQl4dkvAOUsN

Score
10/10
guloaderdownloaderpersistence

Malware Config

Targets

    • Target

      88bdbcde8b2d570627dc08c006aa9636a69beb588c9a17e651ce783a7450f7f1.exe

    • Size

      685KB

    • MD5

      19ab7a94788f74e80ccd992895853796

    • SHA1

      a39d701199164f300f8715e72630ffae0679f86f

    • SHA256

      88bdbcde8b2d570627dc08c006aa9636a69beb588c9a17e651ce783a7450f7f1

    • SHA512

      4f7e2a2a99f29f21b60f5208937dc19cc6f350152fd8147069840261161715fe7ec6637ced5fd7e4f8f60c0d87879f32f33fd45325db4544435afec9b2f9c59a

    • SSDEEP

      12288:3NCe3Ka5ATVEhjHskBmQwwLETQsAVudsBvAFuMricTsN:3NCVaG+jMkcQwBQl4dkvAOUsN

    Score
    10/10
    guloaderdownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      Immatrikulerendes/Trogons.Thi

    • Size

      53KB

    • MD5

      5fd33bf891b22a73cefc7584dab237d7

    • SHA1

      c6412a8f00de3c3bf551dc729aeaa95b29e06786

    • SHA256

      f0a0b4b3cac5b00ba4d6c865ff4492e2aca2e7521e9da310866512e7ec06a8ad

    • SHA512

      744b84aecc85f04f6203e40285bb716b6c24121ec0b2266ee938ddaa195e46d4fb710541f78fe79738e68faff7beb097505c3867f4eea5f90e3e873f2480d110

    • SSDEEP

      768:+R6eAnbmQ3HJy8YHxGHCM4UZqOwxm3EIkTnHU7f10iEMwh7Z/yynItNa4mlWIN6+:+R6F7YHxG74UZ3557f19EXH/fOqJom3

    Score
    8/10
    persistence

    • Modifies Installed Components in the registry

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks