Overview

overview

10

Static

static

3

CENTURY.exe

windows7-x64

10

CENTURY.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    143s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-07-2024 08:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CENTURY.exe

  • Size

    124KB

  • MD5

    57eb22ea102f6c18e0716f77375ff24f

  • SHA1

    b42ba7c89283e9ba795fc286242a12665f93fb7a

  • SHA256

    6d67b95d08115900b9a87eeeec6efcd6899ce3018b4dbf3bae022982dc7f71bb

  • SHA512

    b116b280c772edb7b7e5b3f87382edd4b870f0a6e55b23188964fbfd36a0b88bb62c1c552742a6d4f904c5c09a71976c5ea75c6a2d7e9a2926368272a5db7d70

  • SSDEEP

    1536:gGP9asHhdFguvrKANGCsNYCVLfbz/+6GwBM1GxG2UiJLT2FQf:NLNrfKLza/ZAE+

Score
10/10
guloaderdownloaderguloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1M6_0SlIsqAtv17kJekjXdMWZBusRvXnx

xor.base64

Signatures

  • Guloader,Cloudeye

    A shellcode based downloader first seen in 2020.

    downloaderguloader
  • Guloader payload 1 IoCs
    guloader
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CENTURY.exe
    "C:\Users\Admin\AppData\Local\Temp\CENTURY.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/920-2-0x0000000002B20000-0x0000000002B2B000-memory.dmp

    Filesize

    44KB

    Download