General

  • Target

    7ea4b0492d4bd06af8088ed24374001cabe43bac4a8477c9d4c16428ebe7d511.exe

  • Size

    570KB

  • Sample

    240523-dk4hnabf31

  • MD5

    acf130a10b41446bb89bf89e630c7fa3

  • SHA1

    93ab6a6eb407f475f3c5eea4fb2426339f6e1619

  • SHA256

    7ea4b0492d4bd06af8088ed24374001cabe43bac4a8477c9d4c16428ebe7d511

  • SHA512

    7336f5cf39695dc457f90b8056d3fa19317725427f2f7efdcc826d9dd93bb287d8188ecd3a771f7a92d1cf8a9c5aafb9ffbc71698d6e48ba01b87e6625f85965

  • SSDEEP

    12288:9eCLyNx2qdIzjxxtdH7JZOqBhg5F0y/7dncz+kOILaw/mD+Ksjo:9ebNwqaz9jB7JZTEFT5mL41T

Score
10/10

Targets

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      8b3830b9dbf87f84ddd3b26645fed3a0

    • SHA1

      223bef1f19e644a610a0877d01eadc9e28299509

    • SHA256

      f004c568d305cd95edbd704166fcd2849d395b595dff814bcc2012693527ac37

    • SHA512

      d13cfd98db5ca8dc9c15723eee0e7454975078a776bce26247228be4603a0217e166058ebadc68090afe988862b7514cb8cb84de13b3de35737412a6f0a8ac03

    • SSDEEP

      192:ex24sihno00Wfl97nH6BenXwWobpWBTtvShJ5omi7dJWjOlESlS:h8QIl972eXqlWBFSt273YOlEz

    Score
    3/10
