General

  • Target

    6d425070a6a39d4d497be922c1da6ac2_JaffaCakes118

  • Size

    96KB

  • Sample

    240524-efwgxscb31

  • MD5

    6d425070a6a39d4d497be922c1da6ac2

  • SHA1

    3de6fdb1e568b66407f8f09bab2d3c26deed5d91

  • SHA256

    48b6690d5bd1be4666d437e2139948e5ee78c04cafadadb0cf0cd9cccffedb82

  • SHA512

    ba2ceb48ae36cc73b86f32f44d9248de5d24e253cb44f47b28adfd586499663a883b06b36fcd53445d2ee1236a2ce484b18637c934d30a5001ff0f21b607aee5

  • SSDEEP

    768:l5IVXTyxNZ4e8v1WS0mM8m8W/xMLO7rSJvJ6BIwtww8x55osYC5LZ6zDosgN:Ei58UUbW/x+O7rSJvNwIx55jN

Score
10/10

Malware Config

Extracted

Family

guloader

C2

https://onedrive.live.com/download?cid=CEA27E82624AB94F&resid=CEA27E82624AB94F%21160&authkey=AM8-2mpfwRJFgCE

xor.base64

Targets

    Score
    10/10
    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
