General

  • Target

    fab6a0fb-f45d-4c43-032e-08dcff99740f.rar

  • Size

    381KB

  • Sample

    241113-jxsvksxldw

  • MD5

    1ea467a0e23dd65c4ffb544c01a9489f

  • SHA1

    b993cfb19dc3447b7dbac21b2dbd77cbeca6c828

  • SHA256

    ceaf962f2087e570174e4f9bd516d6c57efbc65ca8ade121b7628f420050d6d9

  • SHA512

    212beb2b7020d48d4ee3570e8d259f7390f44d67203a807898ef72549cd36d177a5d4c48792e5122e4d253e159f78868628e5d9d74613be6e5779f624d8ae1b0

  • SSDEEP

    6144:fLQJ2ckgr8+fUBlqhRf7jw9JSlcK+B7a181LyY7cZK6aunxUBfNDScDB:DQxhNfUbqz7jmJ02Ra18TR7saDSY

Malware Config

Targets

    • Target

      Staff Attendance Submission for Payroll Processing (July 07 - November 07, 2024) PDF.bat

    • Size

      401KB

    • MD5

      a62db3b4c45f6012c0951c72be7e339a

    • SHA1

      635ddbd1e2884f847fa3e60fd547e8dc958af4d1

    • SHA256

      82f6981ed7bd0008afe2369debe26bfd84d7e9ee5d54e4741ebb3e29c3794e8e

    • SHA512

      f2f72f9ebae0339adba033689e42d9eb7ad7c79ed759c01283c5d1ec2bf24e2a983ba495fec3d5ec14c40f97ccd4c86e155822fb3e5400057f16c3a9a32625c7

    • SSDEEP

      12288:z0m2XWPUR9fBnEwEe6V0Lu6eRmwVbVsCI/:ujvZnEdfgegwVbVsX

    • Guloader family

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Loads dropped DLL

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      34442e1e0c2870341df55e1b7b3cccdc

    • SHA1

      99b2fa21aead4b6ccd8ff2f6d3d3453a51d9c70c

    • SHA256

      269d232712c86983336badb40b9e55e80052d8389ed095ebf9214964d43b6bb1

    • SHA512

      4a8c57fb12997438b488b862f3fc9dc0f236e07bb47b2bce6053dcb03ac7ad171842f02ac749f02dda4719c681d186330524cd2953d33cb50854844e74b33d51

    • SSDEEP

      192:jPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4I:u7VpNo8gmOyRsVc4

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks