General

  • Target

    06122024_1223_06122024_Nakliye belgeleri.gz

  • Size

    831KB

  • Sample

    241206-pkgjnssrbn

  • MD5

    6229096ae5421057efee44aa89cd77ad

  • SHA1

    3b86be094df15ead66c16589a0eeb4483aa521dd

  • SHA256

    897157add816cce92dbd71702f67356ade3bfe16a405f9c89e7eebeeebbf9ceb

  • SHA512

    7154f622161bdc1c4426a16e252ebb0d0a009686e39c427bc9a95982a57841e72aa40d97908252e9f33f76c9ae5c97547b97ab731cd04d45c26e1ffc5380fc41

  • SSDEEP

    12288:yeI9M8qCD+dWEho5UIIy8gk8tyfhsiUN0dWOrWdsr2xETJrCesF7V83nv:uiFbo53Zk08hjdrWc2qTJ0F7V8Xv

Malware Config

Targets

    • Target

      Nakliye belgeleri.exe

    • Size

      1.1MB

    • MD5

      620924d9a2e90d34b060c7e210785926

    • SHA1

      736ce2fe105049ed45e90e5bd9d83086a6006c32

    • SHA256

      014f4753734a62111955ca64721aa64a4b6d98b36e5a3bd9a4da5afc128b2f17

    • SHA512

      d9b73f6d65eb4aabf05e96e06c864a68d921c627eca178cba573a46a1818f00d6934ce794eb1bcedccc2fbaef83ae2270eb9583217705293860450ef25a41912

    • SSDEEP

      12288:pl/4qNMmw1GYDmImQgThNj/yMf5ck8WMvwvKIcrIPdEBEo7vPmXaNgI+pMeVOqIt:rM05NjKiclwSIU04Eb1MncwaF0C9Wn

    • Guloader family

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      fc90dfb694d0e17b013d6f818bce41b0

    • SHA1

      3243969886d640af3bfa442728b9f0dff9d5f5b0

    • SHA256

      7fe77ca13121a113c59630a3dba0c8aaa6372e8082393274da8f8608c4ce4528

    • SHA512

      324f13aa7a33c6408e2a57c3484d1691ecee7c3c1366de2bb8978c8dc66b18425d8cab5a32d1702c13c43703e36148a022263de7166afdce141da2b01169f1c6

    • SSDEEP

      192:e/b2HS5ih/7i00eWz9T7PH6yeFcQMI5+Vw+EXWZ77dslFZk:ewSUmWw9T7MmnI5+/F7Kdk

    Score
    3/10
    • Target

      hypohydrochloria.app

    • Size

      487KB

    • MD5

      271b95b44bbafaf5d68ae0d972e1163a

    • SHA1

      6816bd06b9b638de8e6517dfe7647ce409f2f4c8

    • SHA256

      60412767f4eaea33f06a6a02f3b0975015e75f251ba6cbeee96ac712d0b23f9b

    • SHA512

      cb7a65001cc0dbb63cddcd89166b575bd2612f75100ca47ff8a8162825a5c91a5c2b60b83447f33a7aad1c0f1a7eee4c5f340e5d66141ee59309b59ca461d992

    • SSDEEP

      1536:vGAVO3tWkduBR8240f+rzESOotNlufM+A/:nYQSA6AMIk+A/

    Score
    4/10

MITRE ATT&CK Enterprise v15

Tasks