Overview

overview

10

Static

static

3

Wire Trans...07.exe

windows7-x64

10

Wire Trans...07.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Wire Transfer - Invoice Payment Ref_89507.exe

  • Size

    532KB

  • Sample

    240930-sw3g3asemp

  • MD5

    861734e77cbfd9b0663419e053b8f100

  • SHA1

    b7f908d8cf86cc9e20a51d9020d2b6860c8e4433

  • SHA256

    8c902fc0f78ef5ae8375f02f7b48020972ea2b22fb2eb01398ac2517074ccc52

  • SHA512

    0467e62b8781748d49ed33595fc15e8ef0ff4a01e62ed111838158f1cfeb3a55007573e8b36e38606d00359038dc1d4ca3fb71ba9816a9e6ab31e53884c67ce1

  • SSDEEP

    12288:zBbNp7y7wNaoecSRZfiRYiWvCwr5ym2FV:9y7wgBcSDKi9qW5y

Score
10/10
guloaderdiscoverydownloader

Malware Config

Targets

    • Target

      Wire Transfer - Invoice Payment Ref_89507.exe

    • Size

      532KB

    • MD5

      861734e77cbfd9b0663419e053b8f100

    • SHA1

      b7f908d8cf86cc9e20a51d9020d2b6860c8e4433

    • SHA256

      8c902fc0f78ef5ae8375f02f7b48020972ea2b22fb2eb01398ac2517074ccc52

    • SHA512

      0467e62b8781748d49ed33595fc15e8ef0ff4a01e62ed111838158f1cfeb3a55007573e8b36e38606d00359038dc1d4ca3fb71ba9816a9e6ab31e53884c67ce1

    • SSDEEP

      12288:zBbNp7y7wNaoecSRZfiRYiWvCwr5ym2FV:9y7wgBcSDKi9qW5y

    Score
    10/10
    guloaderdiscoverydownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks