Overview

overview

10

Static

static

3

2597d299f2...1a.exe

windows7-x64

10

2597d299f2...1a.exe

windows10-2004-x64

10

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Accelerati...er.doc

windows7-x64

3

Accelerati...er.doc

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2597d299f220ba2dbee04bd903c3962e5a262e0686fab8f4ae581fe928d81c1a

  • Size

    769KB

  • Sample

    241117-k9cvkaxajr

  • MD5

    afb0ddc435628e52f8d026e2e01dead7

  • SHA1

    919afcff7f0e4332b854f920817165b0910f15ea

  • SHA256

    2597d299f220ba2dbee04bd903c3962e5a262e0686fab8f4ae581fe928d81c1a

  • SHA512

    35a57c278675c77a7f239706308423f7965a5fa094deaef9c4e1774d1749878800181dbf3a2e9d7cd1679ee0c3789f50c59b6e85c7cbb20385d2b5fc5c57999b

  • SSDEEP

    24576:JMwYlEZLYz1DBMgfpyED9WDHvBMg/Hv3Avr3I/SUiEW:JMweEKz1GgND9W9PovKWEW

Score
10/10
guloaderdiscoverydownloader

Malware Config

Targets

    • Target

      2597d299f220ba2dbee04bd903c3962e5a262e0686fab8f4ae581fe928d81c1a

    • Size

      769KB

    • MD5

      afb0ddc435628e52f8d026e2e01dead7

    • SHA1

      919afcff7f0e4332b854f920817165b0910f15ea

    • SHA256

      2597d299f220ba2dbee04bd903c3962e5a262e0686fab8f4ae581fe928d81c1a

    • SHA512

      35a57c278675c77a7f239706308423f7965a5fa094deaef9c4e1774d1749878800181dbf3a2e9d7cd1679ee0c3789f50c59b6e85c7cbb20385d2b5fc5c57999b

    • SSDEEP

      24576:JMwYlEZLYz1DBMgfpyED9WDHvBMg/Hv3Avr3I/SUiEW:JMweEKz1GgND9W9PovKWEW

    Score
    10/10
    guloaderdiscoverydownloader

    • Guloader family

      guloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      564bb0373067e1785cba7e4c24aab4bf

    • SHA1

      7c9416a01d821b10b2eef97b80899d24014d6fc1

    • SHA256

      7a9ddee34562cd3703f1502b5c70e99cd5bba15de2b6845a3555033d7f6cb2a5

    • SHA512

      22c61a323cb9293d7ec5c7e7e60674d0e2f7b29d55be25eb3c128ea2cd7440a1400cee17c43896b996278007c0d247f331a9b8964e3a40a0eb1404a9596c4472

    • SSDEEP

      192:nenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XBDIwL:n8+Qlt70Fj/lQRY/9VjjfL

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      Accelerationsbaner.Doc

    • Size

      122KB

    • MD5

      4aa4c10ecf80317631b3ac10592d5ba3

    • SHA1

      5a99a20551269be3c472ec1e6dfe1d93f79391ea

    • SHA256

      84e3b3b94d2a070961b4d7ece917274765f0a725fa4721d2414c9af8162a5d57

    • SHA512

      a80cb051591d85b472e1ea32b53dd84b90f3aab718946e5afb56fe63fabb6e7f3a90d93fdef7a003a7aca94b19ad65bd89ec067c4011904f29ab4f7fe24f6fe0

    • SSDEEP

      1536:dMYzqdOlEsBsZtdheQVNPpO/HriDX8Xj1DASrI05each6v3:dMYzWOlEesZb0axpqODoASrIvrov3

    Score
    3/10
    discovery
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks