Overview

overview

10

Static

static

3

Papmlken.exe

windows7-x64

10

Papmlken.exe

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    30102024_0120_29102024_PEDIDO.rar

  • Size

    750KB

  • Sample

    241030-bqdhbasldy

  • MD5

    b1c32624da3d5109caa6b225f79a71ed

  • SHA1

    54aab4a492681c599c857ec485dd403f33989bc5

  • SHA256

    eccc0b1a8a0cc1fa0ecc235f09a927349f20330751c8f0f87fc977b7b5763d1f

  • SHA512

    9e9974b182de9e288247ac682b4674e7cd1e1a21cd327ddb9400a82b9935a0551d8a20e0fe7a20437b7ed0615751296968b987648527865810801fe95cae7102

  • SSDEEP

    12288:K5nIJZx/stcZ+nmyEPJK01pB8jREFMYU1EoorYKduHAyv3+pmHvwlm6mOr1gQzAQ:EnY4tcYLEPY2XtM6o3KaotE4rkTygs62

Score
10/10
guloaderdiscoverydownloader

Malware Config

Targets

    • Target

      Papmlken.exe

    • Size

      897KB

    • MD5

      f7861077df1c126558e396dd2011ef6b

    • SHA1

      c8e5a886a2fde8a2d1c4b55d2521855afc8a978b

    • SHA256

      d015e6ce88f2d44bacf7b9d17d1341d071835570263c5c87dbf12e7674b2597a

    • SHA512

      d012a8e962e68ffcb482a67957d199e00090774b5501f8bb8eb5e6402283eae2b481369187c0a0ffc9fee9a3fdc55827b4625e6ec9e66d1f2bb48b181eb077ea

    • SSDEEP

      24576:Ax+ra+8DOCqv2LqoAzIusXT62HnQIQMOKOaeKx:Ax+2+8DEuLqFzeXm2HTzOKOwx

    Score
    10/10
    guloaderdiscoverydownloader

    • Guloader family

      guloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c9473cb90d79a374b2ba6040ca16e45c

    • SHA1

      ab95b54f12796dce57210d65f05124a6ed81234a

    • SHA256

      b80a5cba69d1853ed5979b0ca0352437bf368a5cfb86cb4528edadd410e11352

    • SHA512

      eafe7d5894622bc21f663bca4dd594392ee0f5b29270b6b56b0187093d6a3a103545464ff6398ad32d2cf15dab79b1f133218ba9ba337ddc01330b5ada804d7b

    • SSDEEP

      192:cPtkumJX7zBE2kGwfy9S9VkPsFQ1MZ1c:N7O2k5q9wA1MZa

    Score
    3/10
    discovery
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks