General

  • Target

    33a1e499b83cc0aee95964993b66682306515ca529f07a7d07f53e070408cadf

  • Size

    675KB

  • Sample

    240326-cdy4xsbf33

  • MD5

    0e0f4a22528d2ba8bf8ea0b840df9041

  • SHA1

    d3ce45da85ae04d2de9155ad1b17677338969bfb

  • SHA256

    33a1e499b83cc0aee95964993b66682306515ca529f07a7d07f53e070408cadf

  • SHA512

    512f25c5e8d26a7a4419c3c7b77f16803ac6a3141d965a3872cce91e1a7be974c11822c15576ab2b0f2d865b50d3b47afcb3bf9f0d7cef1a93a4ce59db3a9ebe

  • SSDEEP

    12288:FLTA8PHO5mU0It6Y2s+eRqlCdY73bAlaVYwCTEEnhKbWYI3S:9TA8PO5mU16yJslCdYDbKaVkTEk0P

Malware Config

Targets

    • Target

      33a1e499b83cc0aee95964993b66682306515ca529f07a7d07f53e070408cadf

    • Size

      675KB

    • MD5

      0e0f4a22528d2ba8bf8ea0b840df9041

    • SHA1

      d3ce45da85ae04d2de9155ad1b17677338969bfb

    • SHA256

      33a1e499b83cc0aee95964993b66682306515ca529f07a7d07f53e070408cadf

    • SHA512

      512f25c5e8d26a7a4419c3c7b77f16803ac6a3141d965a3872cce91e1a7be974c11822c15576ab2b0f2d865b50d3b47afcb3bf9f0d7cef1a93a4ce59db3a9ebe

    • SSDEEP

      12288:FLTA8PHO5mU0It6Y2s+eRqlCdY73bAlaVYwCTEEnhKbWYI3S:9TA8PO5mU16yJslCdYDbKaVkTEk0P

    Score
    10/10
    • Guloader,Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      dandyish/Postconnubial/Overstaleness/Skiliftenes11/rideelastiks.Med

    • Size

      59KB

    • MD5

      5d1f60c7bafca993ac1b4288be62fb25

    • SHA1

      d1c32a45c20735464a78e714ae4c426bbc9ff09d

    • SHA256

      b24d56bc1d17d715843f4cfae6ebc1d5ad51420a26f060e55f95ca7e22a3d233

    • SHA512

      71c3e2d8e0e24c1a4614f31e1f2b4500270d0d1aec0e26f2aa7a759a75e9973055466204ef6c510e068ce2e68da05a7a90fc693f3510665c0785508d5856498c

    • SSDEEP

      1536:B+rtNTGcMwOjHiKMLLM3HGoGT75YgLLjBxqX8THOKhEX:Q56wOjHiHUWP9PjBgX8T3he

    Score
    8/10
    • Modifies Installed Components in the registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
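The four behaviour signatures above (ThreadHideFromDebugger, SetThreadContext, Installed Components registry writes, non-C: drive-root probing) are what an analyst has to confirm in the API trace when triaging this sample. The following is an added example, not the sandbox's own signature engine or code from the report: a minimal rule set that reproduces those four signatures over a constructed API trace. The trace schema (pid/api/args dictionaries), the API names matched, and the sample records are assumptions of this example; the constant 0x11 for ThreadHideFromDebugger is the documented ThreadInformationClass value, and "Installed Components" is taken to mean the Active Setup key under HKLM\SOFTWARE\Microsoft.

```python
"""Reproduce the report's behaviour signatures over a sandbox API trace.

Added illustration (not the sandbox's own rules). Each record is a dict
{"pid": int, "api": str, "args": dict}; that schema is an assumption of
this example, as are the API names listed in the sets below.
"""
import re

# ThreadInformationClass value for ThreadHideFromDebugger: once set, the thread
# no longer delivers debug events, which is why its use is flagged as anti-debug.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Active Setup runs each listed StubPath once per user at logon, so a write here
# is a persistence indicator (assumed meaning of "Installed Components" above).
INSTALLED_COMPONENTS_RE = re.compile(r"\\Active Setup\\Installed Components\\", re.IGNORECASE)

# A bare drive root such as D:\ or \??\E:\ ; the C: root is excluded by the rule.
DRIVE_ROOT_RE = re.compile(r"^(?:\\\?\?\\)?([A-Za-z]):\\$")

CONTEXT_APIS = {"SetThreadContext", "NtSetContextThread", "Wow64SetThreadContext"}
REG_WRITE_APIS = {"RegSetValueExA", "RegSetValueExW", "NtSetValueKey", "RegCreateKeyExW"}
FILE_PROBE_APIS = {"NtQueryAttributesFile", "NtOpenFile", "CreateFileW", "GetDriveTypeW", "FindFirstFileW"}


def _hide_from_debugger(rec):
    return (rec["api"] == "NtSetInformationThread"
            and rec["args"].get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER)


def _set_thread_context(rec):
    # The sandbox signature fires on the call itself; triage() additionally marks
    # whether the target thread lives in another process (hollowing/injection).
    return rec["api"] in CONTEXT_APIS


def _installed_components(rec):
    return rec["api"] in REG_WRITE_APIS and bool(INSTALLED_COMPONENTS_RE.search(rec["args"].get("key", "")))


def _non_c_drive_root(rec):
    m = DRIVE_ROOT_RE.match(rec["args"].get("path", ""))
    return rec["api"] in FILE_PROBE_APIS and m is not None and m.group(1).upper() != "C"


# Signature names copied verbatim from the report so findings line up with it.
RULES = [
    ("Suspicious use of NtSetInformationThreadHideFromDebugger", _hide_from_debugger),
    ("Suspicious use of SetThreadContext", _set_thread_context),
    ("Modifies Installed Components in the registry", _installed_components),
    ("Enumerates connected drives", _non_c_drive_root),
]


def triage(trace):
    """Return one finding per (rule, record) match, keeping the evidence record."""
    findings = []
    for rec in trace:
        target = rec["args"].get("target_pid", rec["pid"])
        for name, pred in RULES:
            if pred(rec):
                findings.append({"rule": name, "pid": rec["pid"], "api": rec["api"],
                                 "args": rec["args"], "cross_process": target != rec["pid"]})
    return findings


def signatures_hit(trace):
    """Distinct signature names in order of first appearance, for a verdict line."""
    seen = []
    for f in triage(trace):
        if f["rule"] not in seen:
            seen.append(f["rule"])
    return seen


# Constructed sample trace (made-up pids and paths, not taken from the report).
SAMPLE_TRACE = [
    {"pid": 4100, "api": "NtSetInformationThread", "args": {"ThreadInformationClass": 0x11}},
    {"pid": 4100, "api": "NtCreateUserProcess", "args": {"image": "C:\\Windows\\System32\\svchost.exe", "target_pid": 4188}},
    {"pid": 4100, "api": "NtWriteVirtualMemory", "args": {"target_pid": 4188, "size": 0x8000}},
    {"pid": 4100, "api": "SetThreadContext", "args": {"target_pid": 4188, "tid": 4192}},
    {"pid": 4188, "api": "RegSetValueExW",
     "args": {"key": "HKLM\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{constructed-guid}", "value": "StubPath"}},
    {"pid": 4188, "api": "NtQueryAttributesFile", "args": {"path": "\\??\\C:\\"}},   # default drive, ignored
    {"pid": 4188, "api": "NtQueryAttributesFile", "args": {"path": "\\??\\D:\\"}},
    {"pid": 4188, "api": "NtQueryAttributesFile", "args": {"path": "\\??\\E:\\"}},
    {"pid": 4188, "api": "NtQueryAttributesFile", "args": {"path": "\\??\\D:\\Users\\"}},  # not a root
]

if __name__ == "__main__":
    for f in triage(SAMPLE_TRACE):
        print(f"[{f['rule']}] pid={f['pid']} api={f['api']} cross_process={f['cross_process']} args={f['args']}")
```

The drive-root rule deliberately anchors on a bare root path so that ordinary file access under D:\ does not fire; the SetThreadContext finding carries a cross_process flag because a context write into a thread the loader did not create in its own process is the stronger hollowing indicator, while the sandbox signature itself only records that the call occurred.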

MITRE ATT&CK Enterprise v15

Tasks