General

  • Target

    a3f72766f73ed9e1f307ed62b0baec92e19e8e7c826559f30f2ad06031090e58

  • Size

    364KB

  • Sample

    240322-2fdnfacd5t

  • MD5

    85d9741a57fd752f7461abbcf3aa7d4a

  • SHA1

    ab5a7ef6069e9ca25f371a2b31fc0a6940e7773f

  • SHA256

    a3f72766f73ed9e1f307ed62b0baec92e19e8e7c826559f30f2ad06031090e58

  • SHA512

    f13b94c8fb8fb1e03fec51aeaa7ff268014d56b4d64c598b41952bc2947bb1fcabdc827f5dc9ec90ca3313fff03eea0a023f32d072c572048589ece481840b67

  • SSDEEP

    6144:0GYgXWlQwTiug1KOBDiDTlV86h6is3iwuf3CkWrmLniOYqwcGLAdH6In2pJgwtX4:tDGvg1D6V8Ris3iT3hWrmbbtqL2HBMJD

Score
10/10

Malware Config

Targets

    • Target

      a3f72766f73ed9e1f307ed62b0baec92e19e8e7c826559f30f2ad06031090e58

    • Size

      364KB

    • MD5

      85d9741a57fd752f7461abbcf3aa7d4a

    • SHA1

      ab5a7ef6069e9ca25f371a2b31fc0a6940e7773f

    • SHA256

      a3f72766f73ed9e1f307ed62b0baec92e19e8e7c826559f30f2ad06031090e58

    • SHA512

      f13b94c8fb8fb1e03fec51aeaa7ff268014d56b4d64c598b41952bc2947bb1fcabdc827f5dc9ec90ca3313fff03eea0a023f32d072c572048589ece481840b67

    • SSDEEP

      6144:0GYgXWlQwTiug1KOBDiDTlV86h6is3iwuf3CkWrmLniOYqwcGLAdH6In2pJgwtX4:tDGvg1D6V8Ris3iT3hWrmbbtqL2HBMJD

    Score
    10/10
    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      ee260c45e97b62a5e42f17460d406068

    • SHA1

      df35f6300a03c4d3d3bd69752574426296b78695

    • SHA256

      e94a1f7bcd7e0d532b660d0af468eb3321536c3efdca265e61f9ec174b1aef27

    • SHA512

      a98f350d17c9057f33e5847462a87d59cbf2aaeda7f6299b0d49bb455e484ce4660c12d2eb8c4a0d21df523e729222bbd6c820bf25b081bc7478152515b414b3

    • SSDEEP

      192:eF24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol9Sl:h8QIl975eXqlWBrz7YLOl9

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks