General

  • Target: 49f25b9220873286e9363a6b10fe0297d145578c2990cca55cc5cd385b49ab09
  • Size: 441KB
  • Sample: 241201-x895wstraq
  • MD5: cc6834513cd3ddc2168dcd9924dc67ff
  • SHA1: 6e19ee6a29179a26ac43c18d59ef1621585490ca
  • SHA256: 49f25b9220873286e9363a6b10fe0297d145578c2990cca55cc5cd385b49ab09
  • SHA512: 29efebdbf3c0b99ff700ffcd97bc0623f579dce76a776efa9c4e61b028c377bce9754f3bcfc6053ddb77399706ff53c7a70e1810523e36a2b16e724d32b89d74
  • SSDEEP: 6144:xGkShEm1aRt3qiKliBjfEUj+Ew56R/gfkufYzmwraNV8RXr9Fab5zIGVl5xaDC/F:ZmOnpDjzxN2SQOt5FaIGV163hWr

Targets

  • Target: New_OrderNew_OrderNew_OrderNew_OrderNew_OrderNew_OrderNew_OrderNew_OrderNew_OrderNew_OrderNew_OrderNew_OrderNew_Order.exe
  • Size: 524KB
  • MD5: d7dfbeafd73680ece456544358ff4ae8
  • SHA1: 8bfae1107957528a267642e1de35cd706e21239f
  • SHA256: eeab9fb352cb6be16656c5e2432f3c7d1e4fdcde4b0053cc13110b35bcad3be9
  • SHA512: a9b0e71b53dfa3805c6e86f8f773eb1fa6b0a6d79e9ba41cbec9007393c8e7a3826007bd44251ecabbe90f770cb8bf0c5dd551834b05fc20138f28b56a9e85a5
  • SSDEEP: 6144:wYa6WLKRTIXwlWVwV7j3qKWOY+LF0EUFbPkhw56R/SI2BLfYi4K5+Q8cfVFa23Qn:wY0FQEU7RKDBSxSTtvGctF1oC2WzS
  • Guloader family
  • Guloader, Cloudeye: A shellcode based downloader first seen in 2020.
  • Loads dropped DLL
  • Suspicious use of NtCreateThreadExHideFromDebugger
  • Suspicious use of NtSetInformationThreadHideFromDebugger
  • Suspicious use of SetThreadContext

  • Target: $PLUGINSDIR/System.dll
  • Size: 12KB
  • MD5: cff85c549d536f651d4fb8387f1976f2
  • SHA1: d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
  • SHA256: 8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
  • SHA512: 531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
  • SSDEEP: 192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
  • Score: 3/10
