General

  • Target: 960a287cacdeeb38a29b06b0a73f6f150be8064fd414b9e050eed13c03cbe917.exe
  • Size: 658KB
  • Sample: 240605-cee3fabf67
  • MD5: 60a7e716d4096c5b2d261711efa88189
  • SHA1: a026c01473285adf6115954308679e626a7db7e9
  • SHA256: 960a287cacdeeb38a29b06b0a73f6f150be8064fd414b9e050eed13c03cbe917
  • SHA512: 15a2c1a0651aeb37063ba307d76c45404451c709220d67af6f9f996634aca8def08dc62fa081e4b01fa316543116612b96743a5b34ac5338cc14f8ae0485b799
  • SSDEEP: 12288:f0VN1HuZE08wTl3yItrn5F9Foy6TZK/iVHCzwHBW:MHl08wT1yIV5F9qRTZK/WC/

Score
10/10

Targets

    • Target: 960a287cacdeeb38a29b06b0a73f6f150be8064fd414b9e050eed13c03cbe917.exe
    • Size: 658KB
    • MD5: 60a7e716d4096c5b2d261711efa88189
    • SHA1: a026c01473285adf6115954308679e626a7db7e9
    • SHA256: 960a287cacdeeb38a29b06b0a73f6f150be8064fd414b9e050eed13c03cbe917
    • SHA512: 15a2c1a0651aeb37063ba307d76c45404451c709220d67af6f9f996634aca8def08dc62fa081e4b01fa316543116612b96743a5b34ac5338cc14f8ae0485b799
    • SSDEEP: 12288:f0VN1HuZE08wTl3yItrn5F9Foy6TZK/iVHCzwHBW:MHl08wT1yIV5F9qRTZK/WC/

    Score
    10/10
    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Loads dropped DLL

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target: $PLUGINSDIR/System.dll
    • Size: 11KB
    • MD5: 10e8921a6e7f6a74671b07dc3bde626f
    • SHA1: b7961066600ef193c5319dbeed3673dc60110a50
    • SHA256: c85142f86e1ec02f7ef8d5ba31b22031de3de9a16bce519d5482b824afb277eb
    • SHA512: 4c19a7e3117baeec3f6a7f9a33cfab392255741137406db87fe5ac24def7f9a28b2ed0fc26f0f46c5d43ba1bb6675dea74410a797bfd265e38812b042460aa00
    • SSDEEP: 192:Q9rQDenC9VrcK7REgSWOprANupQYLRszDDH/d9CWlXo7U6Wxf:QJQEaVAK7R9SfpjpQYLRszfH/d9CWB1j

    Score
    3/10
