General

  • Target: 82e2098806079d64fa92d88e07bc40f142eb5686f1aa7987ae3efb54a9e3d032
  • Size: 1.2MB
  • Sample: 240326-cetwlaed9w
  • MD5: 11c340a97a5eeada6d83aac48e355e09
  • SHA1: c5fc1d99892b06eb83cf276ee99cf8bbd517513f
  • SHA256: 82e2098806079d64fa92d88e07bc40f142eb5686f1aa7987ae3efb54a9e3d032
  • SHA512: 08a0a4e999c4eeff1544b517c84d6c0dca5c75d92a3f8db89aef6c1b6e3220c5c57bcff4c4e4ed33f3ae21e6dc8ac9badfd363e207319c48d7cf7807b13aa04e
  • SSDEEP: 12288:VLTA8PHO5mU0It6Y2s+eRqlCdY73bAlaVYwCTEEnhKbWYI3:tTA8PO5mU16yJslCdYDbKaVkTEk0

Malware Config

Targets

    • Target: Invoice.exe
    • Size: 675KB
    • MD5: 0e0f4a22528d2ba8bf8ea0b840df9041
    • SHA1: d3ce45da85ae04d2de9155ad1b17677338969bfb
    • SHA256: 33a1e499b83cc0aee95964993b66682306515ca529f07a7d07f53e070408cadf
    • SHA512: 512f25c5e8d26a7a4419c3c7b77f16803ac6a3141d965a3872cce91e1a7be974c11822c15576ab2b0f2d865b50d3b47afcb3bf9f0d7cef1a93a4ce59db3a9ebe
    • SSDEEP: 12288:FLTA8PHO5mU0It6Y2s+eRqlCdY73bAlaVYwCTEEnhKbWYI3S:9TA8PO5mU16yJslCdYDbKaVkTEk0P

    Score: 10/10

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target: dandyish/Postconnubial/Overstaleness/Skiliftenes11/rideelastiks.Med
    • Size: 59KB
    • MD5: 5d1f60c7bafca993ac1b4288be62fb25
    • SHA1: d1c32a45c20735464a78e714ae4c426bbc9ff09d
    • SHA256: b24d56bc1d17d715843f4cfae6ebc1d5ad51420a26f060e55f95ca7e22a3d233
    • SHA512: 71c3e2d8e0e24c1a4614f31e1f2b4500270d0d1aec0e26f2aa7a759a75e9973055466204ef6c510e068ce2e68da05a7a90fc693f3510665c0785508d5856498c
    • SSDEEP: 1536:B+rtNTGcMwOjHiKMLLM3HGoGT75YgLLjBxqX8THOKhEX:Q56wOjHiHUWP9PjBgX8T3he

    Score: 8/10

    • Modifies Installed Components in the registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks