General

  • Target: 852a0d477d29d18d5b7c419e4d64a90761e04c908fc7171e2faab5ad40021fbc.jar
  • Size: 367KB
  • Sample: 240522-ccjmvagh2y
  • MD5: 91a034327be0deaa30c73c21e1a72dad
  • SHA1: d69bb4445717931d0c80931bff02f0cb6d8d8d16
  • SHA256: 852a0d477d29d18d5b7c419e4d64a90761e04c908fc7171e2faab5ad40021fbc
  • SHA512: 06414545c70e01af969bf935433e328f1f9a5d029454b883d963e248f8b42020161ce83339f27c1e8e801501f40131f216384f71e06abdfc9c26e4067b3ae740
  • SSDEEP: 6144:xqZUJOXigyQjLGz0IDw1txim5ruiZpIRZ4gc9ps83WDw5+zmonPBMJwoLr5hLQv2:xqZUQygv2pEyY7pIhoa808loPBMJwoZB

Malware Config

Targets

    • Target: xerox322200524.exe
    • Size: 464KB
    • MD5: 5b578b597f4f4eef57eda996ee33cdb6
    • SHA1: efdb66166e1a45e9a30c67bc6d80e42f843b5604
    • SHA256: 285009b0e71742b5fbe9407dcb25e378d35c2b9eab33f51618b46b647878c60d
    • SHA512: a7cc33e0e73c5c821d66a2ce437dfcd1ae8074161e3cafb9c2668dd3e411fc4073e1161f8781a17bbb3c8af29f210b9c3b7cf9d7a534fb278fc54ae4eabdeea3
    • SSDEEP: 12288:vi3hR5SANiItEOU79Uhua4g8Do3BMJSojhvnH3:K3hv5iIizUhH4g8eqSqd3

    Score: 10/10
    • Guloader, Cloudeye
      A shellcode based downloader first seen in 2020.
    • Loads dropped DLL
    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target: $PLUGINSDIR/Banner.dll
    • Size: 4KB
    • MD5: 0d5428f7920274caedfa8f2ae980e196
    • SHA1: ce2ca2381a4b9ed9f06f6af5a183a840de290c3f
    • SHA256: 4083bef584ad6793b3d57e3e3f764a31afac876412df65c5da5afee76bbd1e10
    • SHA512: 78419752f3e6579f7caf1f9bab70a46ac2b0a7c5f08eb8604e927baea611c182133ce8d58929a059f22e6c2befb5ff0c24ee6500d0708bc884a65e395ea7c4cf

    Score: 1/10

    • Target: $PLUGINSDIR/BgImage.dll
    • Size: 7KB
    • MD5: 9436196007f65f0ae96f64b1c8b2572e
    • SHA1: 4b004b5c2865c9450876be83faa8cc96e1d12c01
    • SHA256: 286f246ee18bf91c4a80fa2cdb61077a4bcf0a3fd6582be4b4ab6a5cb3de44c9
    • SHA512: 5c172675fbbea214471ac35eebaa6ab9bd1306268144085adbad3bba4a815430ed028cac169e8b5a6fd00818684f65d7bdd32f11773bc6152e62ef80f895d35e
    • SSDEEP: 96:8egk1LFJaO1/radJEaYtv1Zs4lkL8y3A2EN8Cmy3uT24j7J3kWyy/:t7TJa2roqJyA2EN8diuTHje

    Score: 1/10

    • Target: $PLUGINSDIR/System.dll
    • Size: 11KB
    • MD5: 8b3830b9dbf87f84ddd3b26645fed3a0
    • SHA1: 223bef1f19e644a610a0877d01eadc9e28299509
    • SHA256: f004c568d305cd95edbd704166fcd2849d395b595dff814bcc2012693527ac37
    • SHA512: d13cfd98db5ca8dc9c15723eee0e7454975078a776bce26247228be4603a0217e166058ebadc68090afe988862b7514cb8cb84de13b3de35737412a6f0a8ac03
    • SSDEEP: 192:ex24sihno00Wfl97nH6BenXwWobpWBTtvShJ5omi7dJWjOlESlS:h8QIl972eXqlWBFSt273YOlEz

    Score: 3/10

    • Target: $PLUGINSDIR/nsDialogs.dll
    • Size: 9KB
    • MD5: 82c3f38cd34739872af07443c65d0bd8
    • SHA1: 1f4ee2d394404a291eda6419f856adaf4b960237
    • SHA256: 59cdb2c12d5635fd25af4007b70222507948be41fa9885b7f07967c2510a5311
    • SHA512: 3a81c0613b1ea906ad4f103b02620217de69a8676dbb7ec41cf31f342a0a74562815a8d4f2efe9866fc16365f58524ac71652e99920acea355f020028775743d
    • SSDEEP: 192:ow8cSzvTyl4tgi8pPjQM0PuAg0YNy+IFtSP:lBSzm+t18pZ0WAg0R+IFg

    Score: 3/10

    • Target: Duramen/Sabbatters.app
    • Size: 1KB
    • MD5: 6d05f4d490578ac56f35a2fb0fdc48c3
    • SHA1: 98cbe66769dca00383a1e6345a0af8d8f5158802
    • SHA256: 68c60b54d23a7eac7decbd381934147857868b1b5f14a5087cc7d691f68670d6
    • SHA512: 0d038240e209b7b478d66800c76668fe40b10ffca149b1920946fb025ba5f1be9f20cd75e689cae6c9e5d9c2f722bf54b5bc2783602a0379def34be48e6753b5

    Score: 1/10

MITRE ATT&CK Enterprise v15
