General

  • Target

    Transferencia 10-7-2024_1.rar

  • Size

    468KB

  • Sample

    241008-pvnqqs1dlf

  • MD5

    83de942f5572b0f9f73cd12c4d57316a

  • SHA1

    34bca715dfe25bb32953a51ca38dd66ab54174ad

  • SHA256

    a6a9ad20818055cb5fcdda735db0c8c92c84b291ecece29c37169e43d072bc99

  • SHA512

    50abb24160493dd630a7170a597381d149f250dd64193a85f32bf0809b4b6dbc8f574b0d8540909513fb4cd143d02be75d9b22332dda2689da87e4c9467e674a

  • SSDEEP

    12288:HrobWfFM3a8Hr+P8hprn45dResEdJiuWcIRShjYFcrhvE:HU1aOro8hprnkdResESFcIRyNE

Malware Config

Targets

    • Target

      Transferencia 10-7-2024.exe

    • Size

      612KB

    • MD5

      c93a80d9adc5d5a9cdde8b8679d2f635

    • SHA1

      91a5c5f9a9613a948f54372c9a614166cd0c94de

    • SHA256

      3e72be6b2b1517ea2de0763546a011d63cedcb13d7650fb0f4c67fbe5753bd92

    • SHA512

      bc2271249fe3ca05f27bfac7aa96b8366ede08e01763cc3f6b342be8f5cafd0efd272c73061127136022e2d08f21cd112180f8fa53273eeffdf85d214db834c1

    • SSDEEP

      12288:822tP8I1sfO3bUT73ynP144OwEB906OL:822tP8RA27gPx76O

    • Guloader, Cloudeye

      A shellcode based downloader first seen in 2020.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      3f176d1ee13b0d7d6bd92e1c7a0b9bae

    • SHA1

      fe582246792774c2c9dd15639ffa0aca90d6fd0b

    • SHA256

      fa4ab1d6f79fd677433a31ada7806373a789d34328da46ccb0449bbf347bd73e

    • SHA512

      0a69124819b7568d0dea4e9e85ce8fe61c7ba697c934e3a95e2dcfb9f252b1d9da7faf8774b6e8efd614885507acc94987733eba09a2f5e7098b774dfc8524b6

    • SSDEEP

      192:OPtkumJX7zB22kGwfy0mtVgkCPOsX1un:/702k5qpdsXQn

    Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks