General

  • Target

    1602325d55a3537877b0a08c80dfd34f69a12b08d10af3b5aec5479fac779283.exe

  • Size

    555KB

  • Sample

    241004-bhbzhszemc

  • MD5

    e0cdd543f142a8cb51c02d2229f9602d

  • SHA1

    fe357f74ea47ba6319fe68240131f19c9ae2664d

  • SHA256

    1602325d55a3537877b0a08c80dfd34f69a12b08d10af3b5aec5479fac779283

  • SHA512

    f435c47834a9d430ed23d24836c391ddaac2904bddc76e53551aca7df607940e911efa2c752c18e19d82c454582fb75da5e67ffc8660252e35db775ff1b9588a

  • SSDEEP

    6144:HIw3/aVqeUyFpR211QqcrrGmMvL41GTpiEBsfnZlcaAX4TUjiSiilU9t75k2hWjE:HaPF609uJ41kpiEoRAoARlU6tPzcP

Malware Config

Targets

    • Target

      1602325d55a3537877b0a08c80dfd34f69a12b08d10af3b5aec5479fac779283.exe

    • Size

      555KB

    • MD5

      e0cdd543f142a8cb51c02d2229f9602d

    • SHA1

      fe357f74ea47ba6319fe68240131f19c9ae2664d

    • SHA256

      1602325d55a3537877b0a08c80dfd34f69a12b08d10af3b5aec5479fac779283

    • SHA512

      f435c47834a9d430ed23d24836c391ddaac2904bddc76e53551aca7df607940e911efa2c752c18e19d82c454582fb75da5e67ffc8660252e35db775ff1b9588a

    • SSDEEP

      6144:HIw3/aVqeUyFpR211QqcrrGmMvL41GTpiEBsfnZlcaAX4TUjiSiilU9t75k2hWjE:HaPF609uJ41kpiEoRAoARlU6tPzcP

    • Guloader,Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      8b3830b9dbf87f84ddd3b26645fed3a0

    • SHA1

      223bef1f19e644a610a0877d01eadc9e28299509

    • SHA256

      f004c568d305cd95edbd704166fcd2849d395b595dff814bcc2012693527ac37

    • SHA512

      d13cfd98db5ca8dc9c15723eee0e7454975078a776bce26247228be4603a0217e166058ebadc68090afe988862b7514cb8cb84de13b3de35737412a6f0a8ac03

    • SSDEEP

      192:ex24sihno00Wfl97nH6BenXwWobpWBTtvShJ5omi7dJWjOlESlS:h8QIl972eXqlWBFSt273YOlEz

    Score
    3/10
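The three "Suspicious use of ..." signatures on the main executable are the part of this report worth turning into detection logic: NtSetInformationThread with the ThreadHideFromDebugger class and NtCreateThreadEx with the hide-from-debugger creation flag make threads invisible to an attached debugger, and SetThreadContext on the main thread of a child process created suspended is the classic hollowing step. The second dropped file, $PLUGINSDIR/System.dll, is the standard NSIS installer System plugin and is not malicious on its own, consistent with its 3/10 score. The following Python is an added example, not code from the sandbox vendor or from this report: it flags those three behaviours in an API-call trace. The trace line format and the sample lines are constructed for the example; the numeric constants are the documented Windows values (ThreadHideFromDebugger = 0x11, THREAD_CREATE_FLAGS_HIDE_FROM_DEBUGGER = 0x4, CREATE_SUSPENDED = 0x4).

```python
"""Flag GuLoader-style anti-debug and hollowing behaviour in an API-call trace.

Added example; the trace format below is hypothetical, not a real sandbox's format.
Each line: <pid> <tid> <ApiName>(<arg>=<value>, ...) = <retval>
"""
import re

# Documented Windows constants.
THREAD_HIDE_FROM_DEBUGGER = 0x11            # THREADINFOCLASS ThreadHideFromDebugger
THREAD_CREATE_FLAGS_HIDE_FROM_DEBUGGER = 0x4  # NtCreateThreadEx CreateFlags bit
CREATE_SUSPENDED = 0x4                      # CreateProcess dwCreationFlags bit

LINE_RE = re.compile(
    r"^(?P<pid>\d+)\s+(?P<tid>\d+)\s+(?P<api>\w+)\((?P<args>.*)\)\s*=\s*(?P<ret>\S+)$"
)
ARG_RE = re.compile(r"(\w+)=([^,]+)")

SIG_HIDE_SET = "Suspicious use of NtSetInformationThreadHideFromDebugger"
SIG_HIDE_CREATE = "Suspicious use of NtCreateThreadExHideFromDebugger"
SIG_SET_CONTEXT = "Suspicious use of SetThreadContext"


def parse_line(line):
    """Parse one trace line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    args = {k: v.strip() for k, v in ARG_RE.findall(m.group("args"))}
    return {"pid": int(m.group("pid")), "api": m.group("api"),
            "args": args, "ret": m.group("ret")}


def to_int(value):
    """Accept hex (0x11) or decimal (17) argument values."""
    return int(value, 0)


def detect(lines):
    """Return [(signature, pid), ...] in trace order for the three behaviours."""
    hits = []
    suspended_threads = set()  # thread handles of children created CREATE_SUSPENDED
    for call in filter(None, map(parse_line, lines)):
        api, a, pid = call["api"], call["args"], call["pid"]
        if api == "NtSetInformationThread" and \
                to_int(a.get("ThreadInformationClass", "0")) == THREAD_HIDE_FROM_DEBUGGER:
            hits.append((SIG_HIDE_SET, pid))
        elif api == "NtCreateThreadEx" and \
                to_int(a.get("CreateFlags", "0")) & THREAD_CREATE_FLAGS_HIDE_FROM_DEBUGGER:
            hits.append((SIG_HIDE_CREATE, pid))
        elif api in ("CreateProcessW", "CreateProcessA") and \
                to_int(a.get("dwCreationFlags", "0")) & CREATE_SUSPENDED:
            suspended_threads.add(a.get("hThread"))
        elif api == "SetThreadContext" and a.get("hThread") in suspended_threads:
            # Only the hollowing pattern is flagged: context rewrite on the main
            # thread of a child that has never run. SetThreadContext on the
            # process's own threads is left alone to keep the rule quiet.
            hits.append((SIG_SET_CONTEXT, pid))
    return hits


# Constructed sample trace (not captured from the sample in this report).
TRACE = r"""
1234 1240 NtSetInformationThread(ThreadHandle=0xfffffffe, ThreadInformationClass=0x11, ThreadInformation=0x0, ThreadInformationLength=0) = 0x0
1234 1240 NtSetInformationThread(ThreadHandle=0x19c, ThreadInformationClass=0x2, ThreadInformation=0x19f000, ThreadInformationLength=4) = 0x0
1234 1240 NtCreateThreadEx(ThreadHandle=0x19c, DesiredAccess=0x1fffff, ProcessHandle=0xffffffff, StartRoutine=0x00401a20, CreateFlags=0x4) = 0x0
1234 1240 CreateProcessW(lpApplicationName=C:\Windows\System32\svchost.exe, dwCreationFlags=0x4, hProcess=0x1a4, hThread=0x1a8) = 0x1
1234 1240 WriteProcessMemory(hProcess=0x1a4, lpBaseAddress=0x00400000, nSize=0x2a000) = 0x1
1234 1240 SetThreadContext(hThread=0x1a8, lpContext=0x0019f3c0) = 0x1
1234 1240 ResumeThread(hThread=0x1a8) = 0x0
1234 1240 GetTickCount() = 0x1b2f3e
""".strip().splitlines()

if __name__ == "__main__":
    for sig, pid in detect(TRACE):
        print(f"pid {pid}: {sig}")
```

The second NtSetInformationThread line (class 0x2, ThreadPriority) is there to show the rule keys on the information class, not on the API name alone; without that check every thread-priority change in an installer would fire.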

MITRE ATT&CK Enterprise v15

Tasks