Overview

overview

10

Static

static

10

Xd2c386a3a...9a.exe

windows7-x64

10

Xd2c386a3a...9a.exe

windows10-1703-x64

10

Xd2c386a3a...9a.exe

windows10-2004-x64

10

Xd2c386a3a...9a.exe

windows11-21h2-x64

10

Resubmissions

10-04-2024 02:25

240410-cwlljsbh99 10

10-04-2024 02:25

240410-cwlasafc5v 10

10-04-2024 02:25

240410-cwkn9afc5t 10

10-04-2024 02:25

240410-cwkdgsfc5s 10

14-10-2023 04:25

231014-e12vfagc2y 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Xd2c386a3a6edfe99de10f6ce6b3659c4809a.exe

  • Size

    289KB

  • MD5

    88cfc2ccc0575567122d1d233f9eb1c3

  • SHA1

    4be67d0d801197f88c14d62f4495f17e89fc471f

  • SHA256

    41505242cdbf259aada52b773daeec33d239e4aefd685ba9e406d2cf2f9871a4

  • SHA512

    a2dd9ab7a2fe2a6d596c78394f65956f3e8973940229b305e2d763be69ff9f27b1450b5e08ca57cd0886a873fb663daad20ca94d9262a6c80a582dfc5f2e42b7

  • SSDEEP

    6144:uHClm6SWPoK5Z0EwVSmRPQp+L5v9bbSUpi:uHCnZxb8hLLSUpi

Score
10/10
gurcu

Malware Config

Extracted

Family

gurcu

C2

https://api.telegram.org/bot6176004110:AAFKA5be4dMwA848HWxzYIzrzzOGIHMOJGc/sendMessage?chat_id=615133582

Signatures

  • Gurcu family
    gurcu
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Xd2c386a3a6edfe99de10f6ce6b3659c4809a.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections