Overview

overview

10

Static

static

1

f4b530b409...e1.exe

windows7-x64

8

f4b530b409...e1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f4b530b4093c82b714a70d226bd2b92aee20991b99e6e3a6ebd545605216c4e1.exe

  • Size

    787KB

  • Sample

    241205-s9ye9s1lcs

  • MD5

    9455cc1b8972fda8672a784ed6faea27

  • SHA1

    a0fa1ebe603f4fc20a6529edfb36cccdac70550a

  • SHA256

    f4b530b4093c82b714a70d226bd2b92aee20991b99e6e3a6ebd545605216c4e1

  • SHA512

    3c48f19c1551c122eeef903179834f40578c23759b0e2529b106621da477aa2d13a24e8aa06c4dd58a32daee613b3ebca00996d4f302e50621cd39be6f9e08ee

  • SSDEEP

    12288:YHANG3RciXWOBZSBRwEQTo7bN2u7o1lnMtVb0Cla+ve7bAvANa24jV:YHxcVcZwRBQIjt90sjvzE1

Score
10/10
guloaderdiscoverydownloaderexecution

Malware Config

Targets

    • Target

      f4b530b4093c82b714a70d226bd2b92aee20991b99e6e3a6ebd545605216c4e1.exe

    • Size

      787KB

    • MD5

      9455cc1b8972fda8672a784ed6faea27

    • SHA1

      a0fa1ebe603f4fc20a6529edfb36cccdac70550a

    • SHA256

      f4b530b4093c82b714a70d226bd2b92aee20991b99e6e3a6ebd545605216c4e1

    • SHA512

      3c48f19c1551c122eeef903179834f40578c23759b0e2529b106621da477aa2d13a24e8aa06c4dd58a32daee613b3ebca00996d4f302e50621cd39be6f9e08ee

    • SSDEEP

      12288:YHANG3RciXWOBZSBRwEQTo7bN2u7o1lnMtVb0Cla+ve7bAvANa24jV:YHxcVcZwRBQIjt90sjvzE1

    Score
    10/10
    discoveryexecutionguloaderdownloader

    • Guloader family

      guloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks