General

  • Target

    08072024_1318_04072024_20240704-455.gz

  • Size

    281KB

  • Sample

    240708-qkewhstarb

  • MD5

    3bd8cfcae27a669a5d349dfd6fde5cda

  • SHA1

    4c3ac10f9cc6687c34153004166fcdcd90716065

  • SHA256

    a4a084f413391c360201a71d98166380d7ddb93b055b8ce819137a4a8fa40255

  • SHA512

    41d9cbf3f8aa73a955fe13c01a4ddb256c0d84407241f9465d4489326f86d98e0adb0e396045b1de867a032af1e44f9375a4dac82aa3839f1a0d2a02e07c4ecd

  • SSDEEP

    6144:NgznHj+akxf9nN5Glb5hBSpFLJLRgtCFCfBcFqK+cAcZtmw2er:NiajB9N5UhALoUFCZPKDt3

Score
10/10

Malware Config

Targets

    • Target

      20240704-455.exe

    • Size

      356KB

    • MD5

      1d50f0c1ff48a16efb655a30addb121e

    • SHA1

      4b5d1ec5c09e32269c725c2df56d21c6aae6e04c

    • SHA256

      5543a995a7f45599c76eba74e6856200fad7a026f74b8c5643c78221e48d3f75

    • SHA512

      f0981a280969545ef1305ec2c631f3f3aacc235fb88339629f262606420dab5ca95cec0017d68fca1774e2bb4a5f60f788543095099d7336988be0f770b5e6a3

    • SSDEEP

      6144:hHadpdwMakhnB4kzYTOVaGxn9nNJGtb57BSfFLJxRgtCFChBcFOKAcAcZtew2h5:hHadykhiOVDN9NJS7ML6UFC3RKFty

    Score
    10/10
    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      192639861e3dc2dc5c08bb8f8c7260d5

    • SHA1

      58d30e460609e22fa0098bc27d928b689ef9af78

    • SHA256

      23d618a0293c78ce00f7c6e6dd8b8923621da7dd1f63a070163ef4c0ec3033d6

    • SHA512

      6e573d8b2ef6ed719e271fd0b2fd9cd451f61fc9a9459330108d6d7a65a0f64016303318cad787aa1d5334ba670d8f1c7c13074e1be550b4a316963ecc465cdc

    • SSDEEP

      192:ljHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZqE0QPi:R/Qlt7wiij/lMRv/9V4bfr

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks