Overview

overview

10

Static

static

3

Trykblgens.exe

windows7-x64

10

Trykblgens.exe

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Trykblgens.exe

  • Size

    354KB

  • Sample

    241114-g1ljkavhpr

  • MD5

    0f34c819b26907e1508f9cc886cd5440

  • SHA1

    790d7283f25f77ad24de07368194d4266c24f051

  • SHA256

    b199b1b1500796c646cfb42f1175b84b7e1493694a80bea9d5de5a0550ed4f92

  • SHA512

    9b359aaa21b81d6751f3ff1061286a7118847427a07b449e2d31f5dfad55d9ce6cd958b7e70b0d62cbe1b1bb4924af2673a35049ab821d5a57657bb077f55c8d

  • SSDEEP

    6144:tNDlOlZOvRQmfszRZBdhOSmhhyDRXR0OjN5c/9WG3ktHhpBnyv+bx2MTxrLM37Vh:tsZOv09dhOSmCVhjg/9WG3QBPyv+9Zt

Score
10/10
guloaderdiscoverydownloader

Malware Config

Targets

    • Target

      Trykblgens.exe

    • Size

      354KB

    • MD5

      0f34c819b26907e1508f9cc886cd5440

    • SHA1

      790d7283f25f77ad24de07368194d4266c24f051

    • SHA256

      b199b1b1500796c646cfb42f1175b84b7e1493694a80bea9d5de5a0550ed4f92

    • SHA512

      9b359aaa21b81d6751f3ff1061286a7118847427a07b449e2d31f5dfad55d9ce6cd958b7e70b0d62cbe1b1bb4924af2673a35049ab821d5a57657bb077f55c8d

    • SSDEEP

      6144:tNDlOlZOvRQmfszRZBdhOSmhhyDRXR0OjN5c/9WG3ktHhpBnyv+bx2MTxrLM37Vh:tsZOv09dhOSmCVhjg/9WG3QBPyv+9Zt

    Score
    10/10
    guloaderdiscoverydownloader

    • Guloader family

      guloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      8cf2ac271d7679b1d68eefc1ae0c5618

    • SHA1

      7cc1caaa747ee16dc894a600a4256f64fa65a9b8

    • SHA256

      6950991102462d84fdc0e3b0ae30c95af8c192f77ce3d78e8d54e6b22f7c09ba

    • SHA512

      ce828fb9ecd7655cc4c974f78f209d3326ba71ced60171a45a437fc3fff3bd0d69a0997adaca29265c7b5419bdea2b17f8cc8ceae1b8ce6b22b7ed9120bb5ad3

    • SSDEEP

      192:BenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XB9IwL:B8+Qlt70Fj/lQRY/9VjjlL

    Score
    3/10
    discovery
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks