General
-
Target
PO_450038969222222.IMG
-
Size
1.2MB
-
Sample
240426-lgghqade95
-
MD5
c755c5c682da599ba12036dd608b866d
-
SHA1
ab473b32f99051d69b5b07dab5317412d0af760e
-
SHA256
45a95817d50c64f2340c481541ba837e2f13263d0ff6db4396ab16914279439a
-
SHA512
867941dab88fb989f3794bca7bd8ee0f1033510f2156851a466ead1f824ebd6238d0a8a6b897255652fd8ea877584fcde35ceafc50774a5bcc685e2a0a5ecf7c
-
SSDEEP
6144:Rz27B8gj9StARX5mdUP49xHcZYDbTECOpckKhaITOYFog9qg6cOTmsYQa9cW3B+u:pIXp49FGYDcnGd73qq2TY4CBH
Malware Config
Targets
-
-
Target
PO_450038969222222.exe
-
Size
624KB
-
MD5
acefcf62c3b1562fccbc6b09bd635e46
-
SHA1
59d2672f9874c68861850e7b7854653aa51107af
-
SHA256
c48ee19744cf5c99735454ecdfc48e5c0943e44c175481725d62a104b140826b
-
SHA512
e0b5197fd71e6ca578ef7518e254bdfa06b207598372d12646ea3c79bfa6c45859ed809bd744007f2edee2b5bc9f6ba606dcffebdb80bb5e5382181b30e68ec9
-
SSDEEP
6144:5z27B8gj9StARX5mdUP49xHcZYDbTECOpckKhaITOYFog9qg6cOTmsYQa9cW3B+u:hIXp49FGYDcnGd73qq2TY4CBH
Score10/10-
Guloader,Cloudeye
A shellcode based downloader first seen in 2020.
-
Loads dropped DLL
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-