Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags
    arch:x64 arch:x86 image:win10v2004-20240704-en locale:en-us os:windows10-2004-x64 system
  • submitted
    14-07-2024 05:24

General

  • Target

    447b8c5cbda0fbb25a50889d6c18c4da_JaffaCakes118.exe

  • Size

    124KB

  • MD5

    447b8c5cbda0fbb25a50889d6c18c4da

  • SHA1

    ea51f4e0b125369cf1c7298f04b63383c096a38a

  • SHA256

    ae47d37a60801c0a76e5df7eeb6ed0c40324c191672f774ea6f3f9466a4c36ca

  • SHA512

    2baf84538e435519d3b5d465f27667fa0cdb1bb910e5313d62309d13df6175832f3e77887e5057b6244c9efd206aefed9e0673396f7935cb20dcdc6152b9f937

  • SSDEEP

    1536:LGtxJ8C/PuG/QoVQLqDzDn1+pyEVHaIHuHi+vdvdodja:67/pgoD14Z4OG
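Before relying on any of the indicators below, confirm that the file on disk is the sample this report describes. The following is an added verification script, not part of the sandbox report: it hashes a file once with all four algorithms the report lists and names any digest that disagrees with the reported value. The digest constants are copied from the General section above; everything else (function names, the command-line usage) is this example's own.

```python
import hashlib
import io

# Digests copied from the report's General section for 447b8c5cbda0fbb25a50889d6c18c4da_JaffaCakes118.exe.
REPORTED = {
    "md5": "447b8c5cbda0fbb25a50889d6c18c4da",
    "sha1": "ea51f4e0b125369cf1c7298f04b63383c096a38a",
    "sha256": "ae47d37a60801c0a76e5df7eeb6ed0c40324c191672f774ea6f3f9466a4c36ca",
    "sha512": "2baf84538e435519d3b5d465f27667fa0cdb1bb910e5313d62309d13df6175832f3e77887e5057b6244c9efd206aefed9e0673396f7935cb20dcdc6152b9f937",
}

ALGOS = ("md5", "sha1", "sha256", "sha512")


def digests_of_stream(fh, chunk_size=1 << 20):
    """Read a binary stream once and feed every algorithm from the same chunks."""
    hashers = {algo: hashlib.new(algo) for algo in ALGOS}
    for chunk in iter(lambda: fh.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def digests_of_bytes(data):
    """Convenience wrapper for in-memory data (used by the self-test)."""
    return digests_of_stream(io.BytesIO(data))


def digests_of_file(path):
    with open(path, "rb") as fh:
        return digests_of_stream(fh)


def mismatches(actual, reported):
    """Return the algorithm names whose digest differs from the reported one.

    Comparison is case-insensitive and ignores stray whitespace, since reports
    and triage notes mix upper- and lower-case hex. An empty list means the
    file matches on every algorithm the report lists.
    """
    return [
        algo for algo in ALGOS
        if algo in reported and actual[algo].lower() != reported[algo].strip().lower()
    ]


if __name__ == "__main__":
    import sys

    # Usage (hypothetical path): python verify_sample.py ./447b8c5cbda0fbb25a50889d6c18c4da_JaffaCakes118.exe
    bad = mismatches(digests_of_file(sys.argv[1]), REPORTED)
    print("sample matches report" if not bad else "MISMATCH on: " + ", ".join(bad))
```

A single mismatch is enough to stop: a re-packed or truncated copy will usually disagree on all four, while a copy that agrees on MD5 alone but not SHA-256 should be treated as a different file.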

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1O_SblqJqLl0nmhlqqeY8qBh1yQ4utTDY

xor.base64
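The extracted C2 is not attacker infrastructure but a Google Drive direct-download link, so blocking or alerting on the hostname alone is not an option. What identifies this sample's download is the Drive file id in the `id=` parameter. The following is an added example, not part of the sandbox report or the GuLoader tooling: it pulls the file id out of the common Drive URL shapes and runs that match over a few constructed proxy log lines. The log format (`timestamp client method url status`), the client addresses and the `drive.usercontent.google.com` redirect host are assumptions for the illustration; the only value taken from the report is the C2 URL.

```python
import re
from urllib.parse import parse_qs, urlparse

# C2 URL copied from the report's extracted config.
REPORT_C2 = "https://drive.google.com/uc?export=download&id=1O_SblqJqLl0nmhlqqeY8qBh1yQ4utTDY"

# Hosts that serve Drive content. The third is the redirect target commonly
# seen after uc?export=download; treat this set as an assumption and extend it
# from your own proxy telemetry.
GDRIVE_HOSTS = {"drive.google.com", "docs.google.com", "drive.usercontent.google.com"}

_FILE_PATH_RE = re.compile(r"^/file/d/([A-Za-z0-9_-]+)")


def gdrive_file_id(url):
    """Return the Drive file id for the usual URL shapes, or None for non-Drive URLs.

    Handles /uc?export=download&id=<id>, /open?id=<id>, /download?id=<id>
    (query form) and /file/d/<id>/view (path form).
    """
    p = urlparse(url)
    if p.hostname not in GDRIVE_HOSTS:
        return None
    ids = parse_qs(p.query).get("id")
    if ids:
        return ids[0]
    m = _FILE_PATH_RE.match(p.path)
    return m.group(1) if m else None


def find_c2_hits(log_text, c2_url):
    """Return (client_ip, url) for every log line fetching the C2's Drive file id.

    Matching on the file id rather than the literal URL catches the redirect
    hop and any reordering of query parameters.
    """
    target = gdrive_file_id(c2_url)
    if target is None:
        raise ValueError("C2 is not a recognised Google Drive URL: " + c2_url)
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 5:          # skip blank or malformed lines
            continue
        client, url = parts[1], parts[3]
        if gdrive_file_id(url) == target:
            hits.append((client, url))
    return hits


# Constructed proxy log lines (not from the report): "<ts> <client_ip> <method> <url> <status>".
SAMPLE_LOG = """\
2024-07-14T05:24:31Z 10.0.0.23 GET https://drive.google.com/uc?export=download&id=1O_SblqJqLl0nmhlqqeY8qBh1yQ4utTDY 302
2024-07-14T05:24:31Z 10.0.0.23 GET https://drive.usercontent.google.com/download?id=1O_SblqJqLl0nmhlqqeY8qBh1yQ4utTDY&export=download 200
2024-07-14T05:25:02Z 10.0.0.41 GET https://drive.google.com/file/d/1AbCdEfGhIjKlMnOpQrStUvWxYz0123456/view 200
2024-07-14T05:25:09Z 10.0.0.41 GET https://www.example.com/index.html 200
"""

if __name__ == "__main__":
    for client, url in find_c2_hits(SAMPLE_LOG, REPORT_C2):
        print(client, url)
```

Only the first two constructed lines match: the third is a different Drive file and the fourth is not Drive at all. In a real environment the file id should be kept as the indicator and the hostname list widened as needed, since the same id is served from more than one Google host.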

Signatures

  • Guloader, Cloudeye

    A shellcode-based downloader first seen in 2020.

  • Guloader payload 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\447b8c5cbda0fbb25a50889d6c18c4da_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\447b8c5cbda0fbb25a50889d6c18c4da_JaffaCakes118.exe"
    • Suspicious use of SetWindowsHookEx
    PID:4604

Network

MITRE ATT&CK Matrix

Downloads

  • memory/4604-2-0x00000000022B0000-0x00000000022BB000-memory.dmp

    Filesize

    44KB
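The dump name encodes everything needed to sanity-check it: the owning PID, a dump index, and the start and end addresses of the region the sandbox carved out. The following is an added helper, not part of the sandbox report: it parses that name, checks the bounds are page-aligned, derives the region size in bytes and pages, and confirms the result agrees with the report's coarse filesize and with the single PID in the process tree. The dump name and the 44KB figure are taken from the report; the naming convention is read off that one filename, so treat the regular expression as an assumption when applying it to other reports.

```python
import re

PAGE = 0x1000  # 4 KiB page size on x64 Windows

# Pattern inferred from the single dump name in this report (assumption):
# memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp
DUMP_NAME_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

REPORT_DUMP = "memory/4604-2-0x00000000022B0000-0x00000000022BB000-memory.dmp"
REPORT_DUMP_SIZE = "44KB"
REPORT_PID = 4604  # the only process in the Processes section


def parse_dump_name(name):
    """Decode pid, index and region bounds from a sandbox memory-dump filename.

    Raises ValueError if the name does not fit the pattern or the bounds are
    inverted or not page-aligned, either of which means the name has been
    mangled and the dump should not be trusted blindly.
    """
    m = DUMP_NAME_RE.match(name)
    if not m:
        raise ValueError("unrecognised dump name: " + name)
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError("region end is not after region start")
    if start % PAGE or end % PAGE:
        raise ValueError("region bounds are not page-aligned")
    size = end - start
    return {
        "pid": int(m["pid"]),
        "index": int(m["idx"]),
        "start": start,
        "end": end,
        "size": size,
        "pages": size // PAGE,
    }


def matches_reported_size(name, reported):
    """True if the derived region size, truncated to whole KB, equals the report's 'NNKB' figure.

    KB is taken to mean 1024 bytes (assumption: sandbox UIs usually round down
    to the nearest kibibyte).
    """
    m = re.fullmatch(r"(\d+)\s*KB", reported.strip(), re.IGNORECASE)
    if not m:
        raise ValueError("unrecognised size string: " + reported)
    return parse_dump_name(name)["size"] // 1024 == int(m.group(1))


def belongs_to_process(name, pid):
    """True if the dump was taken from the given PID."""
    return parse_dump_name(name)["pid"] == pid


if __name__ == "__main__":
    info = parse_dump_name(REPORT_DUMP)
    print(f"PID {info['pid']} dump #{info['index']}: "
          f"0x{info['start']:X}-0x{info['end']:X}, {info['size']} bytes ({info['pages']} pages)")
    print("size agrees with report:", matches_reported_size(REPORT_DUMP, REPORT_DUMP_SIZE))
    print("owned by the traced process:", belongs_to_process(REPORT_DUMP, REPORT_PID))
```

For this report the region is 0xB000 bytes, eleven 4 KiB pages, which is exactly the 44KB listed, and it was taken from PID 4604, the one process in the tree. A size that did not reconcile with the addresses, or a PID absent from the process list, would point at a truncated download or a mislabelled artifact before any time is spent on the dump's contents.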