General
-
Target
Stadigheder43.exe
-
Size
894KB
-
Sample
241030-qech7stfng
-
MD5
aa160f24e5670e39abcc8a33c6f51f2f
-
SHA1
eb8f77c8f6c5699614e304d8e7f8a3950ba41a4a
-
SHA256
2fba62d26b23162edc673374335d575688b00d1467d936618793d28ec3729ad6
-
SHA512
8261633df47cad2dab42508a8f1c9d421b0b0c91d62a8b08bf3787c19b7116f3f091791800983bcd9d75d92b0097c08c670a38963ef4effd04e70ffc4cb9565e
-
SSDEEP
24576:2x+rcb2ZkoncoAzPLqt62HnQIQMOKOaeKf:2x+4b2SoncFzPLH2HTzOKOwf
Static task
static1
Behavioral task
behavioral1
Sample
Stadigheder43.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Stadigheder43.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20241010-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Stadigheder43.exe
-
Size
894KB
-
MD5
aa160f24e5670e39abcc8a33c6f51f2f
-
SHA1
eb8f77c8f6c5699614e304d8e7f8a3950ba41a4a
-
SHA256
2fba62d26b23162edc673374335d575688b00d1467d936618793d28ec3729ad6
-
SHA512
8261633df47cad2dab42508a8f1c9d421b0b0c91d62a8b08bf3787c19b7116f3f091791800983bcd9d75d92b0097c08c670a38963ef4effd04e70ffc4cb9565e
-
SSDEEP
24576:2x+rcb2ZkoncoAzPLqt62HnQIQMOKOaeKf:2x+4b2SoncFzPLH2HTzOKOwf
Score10/10-
Guloader family
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c9473cb90d79a374b2ba6040ca16e45c
-
SHA1
ab95b54f12796dce57210d65f05124a6ed81234a
-
SHA256
b80a5cba69d1853ed5979b0ca0352437bf368a5cfb86cb4528edadd410e11352
-
SHA512
eafe7d5894622bc21f663bca4dd594392ee0f5b29270b6b56b0187093d6a3a103545464ff6398ad32d2cf15dab79b1f133218ba9ba337ddc01330b5ada804d7b
-
SSDEEP
192:cPtkumJX7zBE2kGwfy9S9VkPsFQ1MZ1c:N7O2k5q9wA1MZa
Score3/10 -