General
-
Target
Transferencia realizada 451236_1.rar
-
Size
746KB
-
Sample
241031-qvyrdazckq
-
MD5
41b3669e6aa7b3a6f678577f80cc2f6f
-
SHA1
b0fdb10b86326c8e865b9c94516092a50b456238
-
SHA256
155a0b805cfe7ab06e153072f019499e5a4a6debe7ec0f148a08c0b9e2a51fec
-
SHA512
6509e42079a36642a172187f6bb2e757a9b905fe5428a82899965aa80fdd1e072db9b9d3611988ce551a4e73228222eccaea6404887793dc7ef517a19eae961d
-
SSDEEP
12288:CaFyI3DP/SoMG16MLPDh9OwpdRFou8EJelWqji26H0iK9hc42aaSUOQpR5Scr:DV7/WgNLPfhnelSAc42atyR5Sg
Static task
static1
Behavioral task
behavioral1
Sample
Transferencia realizada 451236.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Transferencia realizada 451236.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Transferencia realizada 451236.exe
-
Size
893KB
-
MD5
12f32dc32a25a48db3aca40758745e80
-
SHA1
41f2c89b8c83b279633c641d1e266a3a2487294d
-
SHA256
8085c17ea9441ff19ee1d021408ce2b159bdf4d53704a9afd180e76033c74415
-
SHA512
b3e71933c26fc75dfa3aef0efc9ef375572df28cdba1b85dac9ecda062e572a6999dcbeec382b04e5a7d24e3485f5aa6852fad9e2d36fded55525fa8acf8dd9c
-
SSDEEP
24576:6x+rRnZt2HrJ1oAzm2ESD62HnQIQMOKOaeKX:6x+1nZcLHFzmnSW2HTzOKOwX
Score10/10-
Guloader family
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c9473cb90d79a374b2ba6040ca16e45c
-
SHA1
ab95b54f12796dce57210d65f05124a6ed81234a
-
SHA256
b80a5cba69d1853ed5979b0ca0352437bf368a5cfb86cb4528edadd410e11352
-
SHA512
eafe7d5894622bc21f663bca4dd594392ee0f5b29270b6b56b0187093d6a3a103545464ff6398ad32d2cf15dab79b1f133218ba9ba337ddc01330b5ada804d7b
-
SSDEEP
192:cPtkumJX7zBE2kGwfy9S9VkPsFQ1MZ1c:N7O2k5q9wA1MZa
Score3/10 -