General

  • Target

    f611a512d65053f68baee97be8cbda5e0539fe061032466a1937c9a1659c2791.img

  • Size

    1.2MB

  • Sample

    240522-c5nr9shf93

  • MD5

    26913acdbbcc1b40d947d0cf8142cfb7

  • SHA1

    1bf254ba735f08665f68f5614ed80c06effea582

  • SHA256

    f611a512d65053f68baee97be8cbda5e0539fe061032466a1937c9a1659c2791

  • SHA512

    28290754f6245ba5c5b380064767aa6ad494b67210b8cee24b247741e9da604522454792e1842772ba76b57de0cdc27d768199492a2d458323d6acc36effe123

  • SSDEEP

    12288:PeCLyNx2qdIzjxxtdH7JZOqBhg5F0y/7dncz+kOILaw/mD+Ksj:PebNwqaz9jB7JZTEFT5mL41

Score
10/10

Targets

    • Target

      SCAN.AWB.exe

    • Size

      570KB

    • MD5

      acf130a10b41446bb89bf89e630c7fa3

    • SHA1

      93ab6a6eb407f475f3c5eea4fb2426339f6e1619

    • SHA256

      7ea4b0492d4bd06af8088ed24374001cabe43bac4a8477c9d4c16428ebe7d511

    • SHA512

      7336f5cf39695dc457f90b8056d3fa19317725427f2f7efdcc826d9dd93bb287d8188ecd3a771f7a92d1cf8a9c5aafb9ffbc71698d6e48ba01b87e6625f85965

    • SSDEEP

      12288:9eCLyNx2qdIzjxxtdH7JZOqBhg5F0y/7dncz+kOILaw/mD+Ksjo:9ebNwqaz9jB7JZTEFT5mL41T

    Score
    10/10
    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      8b3830b9dbf87f84ddd3b26645fed3a0

    • SHA1

      223bef1f19e644a610a0877d01eadc9e28299509

    • SHA256

      f004c568d305cd95edbd704166fcd2849d395b595dff814bcc2012693527ac37

    • SHA512

      d13cfd98db5ca8dc9c15723eee0e7454975078a776bce26247228be4603a0217e166058ebadc68090afe988862b7514cb8cb84de13b3de35737412a6f0a8ac03

    • SSDEEP

      192:ex24sihno00Wfl97nH6BenXwWobpWBTtvShJ5omi7dJWjOlESlS:h8QIl972eXqlWBFSt273YOlEz

    Score
    3/10
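Added example, not part of the sandbox report: a small Python IOC matcher that transcribes the three targets' digests from this report, sanity-checks the transcription (a truncated or non-hex value would otherwise turn every lookup into a silent miss), computes the same digest set over a file in one streaming pass, and matches by SHA-256 while cross-checking MD5 and SHA-1 so a mixed-up report row surfaces as an inconsistent hit rather than a clean one. The `REPORT_IOCS` table is the only data taken from the page; function names and the sample input are constructed for illustration.

```python
import hashlib
import re

DIGESTS = ("md5", "sha1", "sha256", "sha512")
HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

# Transcribed from the report above: the submitted .img, the dropped
# SCAN.AWB.exe and the NSIS plugin System.dll.
REPORT_IOCS = [
    {"target": "f611a512d65053f68baee97be8cbda5e0539fe061032466a1937c9a1659c2791.img",
     "md5": "26913acdbbcc1b40d947d0cf8142cfb7",
     "sha1": "1bf254ba735f08665f68f5614ed80c06effea582",
     "sha256": "f611a512d65053f68baee97be8cbda5e0539fe061032466a1937c9a1659c2791",
     "sha512": "28290754f6245ba5c5b380064767aa6ad494b67210b8cee24b247741e9da604522454792e1842772ba76b57de0cdc27d768199492a2d458323d6acc36effe123"},
    {"target": "SCAN.AWB.exe",
     "md5": "acf130a10b41446bb89bf89e630c7fa3",
     "sha1": "93ab6a6eb407f475f3c5eea4fb2426339f6e1619",
     "sha256": "7ea4b0492d4bd06af8088ed24374001cabe43bac4a8477c9d4c16428ebe7d511",
     "sha512": "7336f5cf39695dc457f90b8056d3fa19317725427f2f7efdcc826d9dd93bb287d8188ecd3a771f7a92d1cf8a9c5aafb9ffbc71698d6e48ba01b87e6625f85965"},
    {"target": "$PLUGINSDIR/System.dll",
     "md5": "8b3830b9dbf87f84ddd3b26645fed3a0",
     "sha1": "223bef1f19e644a610a0877d01eadc9e28299509",
     "sha256": "f004c568d305cd95edbd704166fcd2849d395b595dff814bcc2012693527ac37",
     "sha512": "d13cfd98db5ca8dc9c15723eee0e7454975078a776bce26247228be4603a0217e166058ebadc68090afe988862b7514cb8cb84de13b3de35737412a6f0a8ac03"},
]


def validate_iocs(iocs):
    """Return (target, field) pairs whose digest is not a well-formed hex
    string of the expected length. Run this once after transcribing a report."""
    bad = []
    for entry in iocs:
        for field, length in HEX_LENGTHS.items():
            value = entry.get(field, "")
            if not re.fullmatch(r"[0-9a-f]{%d}" % length, value.lower()):
                bad.append((entry["target"], field))
    return bad


def _new_hashers():
    return {name: hashlib.new(name) for name in DIGESTS}


def digest_bytes(data):
    """Compute the report's digest set over an in-memory blob."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path, chunk_size=1 << 20):
    """Streaming variant: one pass over the file feeds all four hashers."""
    hashers = _new_hashers()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(digests, iocs=REPORT_IOCS):
    """Return (target, consistent) for every IOC whose sha256 equals the
    computed one. 'consistent' is False when the row's other digests disagree,
    which means the report row was mis-transcribed or mixes two artifacts."""
    hits = []
    for entry in iocs:
        if entry["sha256"].lower() != digests["sha256"].lower():
            continue
        others = (f for f in ("md5", "sha1", "sha512") if f in entry)
        consistent = all(entry[f].lower() == digests[f].lower() for f in others)
        hits.append((entry["target"], consistent))
    return hits


if __name__ == "__main__":
    import sys
    problems = validate_iocs(REPORT_IOCS)
    if problems:
        sys.exit("malformed IOC entries: %r" % problems)
    for path in sys.argv[1:]:
        print(path, match_iocs(digest_file(path)) or "no match")
```

Run it as `python ioc_match.py <file>...` against files recovered from a host; a hit with `consistent == False` is a cue to re-check the report row before raising an alert. Note also that the report's SSDEEP values for the .img and for SCAN.AWB.exe share the same block size and differ only in a leading and a trailing character of each chunk signature, which is consistent with the .img being a thin container around the executable; fuzzy-hash matching of that kind needs the `ssdeep` bindings and is deliberately left out of this stdlib-only example.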
