Overview

overview

10

Static

static

3

Telescribe.exe

windows7-x64

10

Telescribe.exe

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a246e12a4ba2de87f50d1aeedacf5e474412d243c18c8f7bf1d69338733adcad.tar

  • Size

    1.3MB

  • Sample

    240523-b94tlshe83

  • MD5

    022387b2ec66fb8c8dd4ce40c014f2bf

  • SHA1

    d47520c1e4bf8756d820353caf33038388028d3e

  • SHA256

    a246e12a4ba2de87f50d1aeedacf5e474412d243c18c8f7bf1d69338733adcad

  • SHA512

    e566d0fc713c20315c859ee5f543b6831807d63a990beeecef588662dfa135802159cb8a23cf418a602d8c5a88cdf792d91458339f059ec9de62cd818e86c826

  • SSDEEP

    24576:W9Q0lIVTRJLpdCW9zTIvwS60x6Hcy/U77VaaG8uosbrDqa1VHWTcSdmWDxbLn/oh:AQ0lsRdpdBTIYS6VDM77YoOrDX1l2xbs

Score
10/10
guloaderdownloader

Malware Config

Targets

    • Target

      Telescribe.exe

    • Size

      1.3MB

    • MD5

      ee518fda96d7cb89bad8783aeab7e6fa

    • SHA1

      5dced89b75ece47f8e8c0b19082ed97448f83964

    • SHA256

      cd25f94f8e22e1ca4f4bb2f65a4d904aaa01b57445284b1cf5ea9572873d2b4a

    • SHA512

      b92c661cc02640f4cbc1641b78005d84d176305af07caa92cb26441b0fcb831c31c79db7b5af69d2e331bf5ea1d28f9aa790fc7127cb58fae2224b111275f13b

    • SSDEEP

      24576:d9Q0lIVTRJLpdCW9zTIvwS60x6Hcy/U77VaaG8uosbrDqa1VHWTcSdmWDxbLn/oY:rQ0lsRdpdBTIYS6VDM77YoOrDX1l2xbv

    Score
    10/10
    guloaderdownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      b8992e497d57001ddf100f9c397fcef5

    • SHA1

      e26ddf101a2ec5027975d2909306457c6f61cfbd

    • SHA256

      98bcd1dd88642f4dd36a300c76ebb1ddfbbbc5bfc7e3b6d7435dc6d6e030c13b

    • SHA512

      8823b1904dccfaf031068102cb1def7958a057f49ff369f0e061f1b4db2090021aa620bb8442a2a6ac9355bb74ee54371dc2599c20dc723755a46ede81533a3c

    • SSDEEP

      192:PPtkumJX7zB22kGwfy0mtVgkCPOs81un:E702k5qpds8Qn

    Score
    3/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks