General

  • Target

    07a0fa450f4525bc8b015f18dd13e7af70fe59a35b5296470fadaed9f2bbca06

  • Size

    831KB

  • Sample

    241207-bvt1vsvjal

  • MD5

    f9ce499113a4ae6397257781a89745d0

  • SHA1

    0652c328e6576dce824cc9ba93a0d59a88d4ee1b

  • SHA256

    07a0fa450f4525bc8b015f18dd13e7af70fe59a35b5296470fadaed9f2bbca06

  • SHA512

    41cb10a3c7a3beadec79f330d0205f6e9f8c0b63c3b18347471b11f414b5f328cc28f8f0069cf1ea2856633469e09a838669fb6fe2dfbd4c82fc2f83484ec822

  • SSDEEP

    12288:yeI9M8qCD+dWEho5UIIy8gk8tyfhsiUN0dWOrWdsr2xETJrCesF7V83nZ:uiFbo53Zk08hjdrWc2qTJ0F7V8XZ

Malware Config

Targets

    • Target

      Nakliye belgeleri.exe

    • Size

      1.1MB

    • MD5

      620924d9a2e90d34b060c7e210785926

    • SHA1

      736ce2fe105049ed45e90e5bd9d83086a6006c32

    • SHA256

      014f4753734a62111955ca64721aa64a4b6d98b36e5a3bd9a4da5afc128b2f17

    • SHA512

      d9b73f6d65eb4aabf05e96e06c864a68d921c627eca178cba573a46a1818f00d6934ce794eb1bcedccc2fbaef83ae2270eb9583217705293860450ef25a41912

    • SSDEEP

      12288:pl/4qNMmw1GYDmImQgThNj/yMf5ck8WMvwvKIcrIPdEBEo7vPmXaNgI+pMeVOqIt:rM05NjKiclwSIU04Eb1MncwaF0C9Wn

    • Guloader family

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      fc90dfb694d0e17b013d6f818bce41b0

    • SHA1

      3243969886d640af3bfa442728b9f0dff9d5f5b0

    • SHA256

      7fe77ca13121a113c59630a3dba0c8aaa6372e8082393274da8f8608c4ce4528

    • SHA512

      324f13aa7a33c6408e2a57c3484d1691ecee7c3c1366de2bb8978c8dc66b18425d8cab5a32d1702c13c43703e36148a022263de7166afdce141da2b01169f1c6

    • SSDEEP

      192:e/b2HS5ih/7i00eWz9T7PH6yeFcQMI5+Vw+EXWZ77dslFZk:ewSUmWw9T7MmnI5+/F7Kdk

    • Score

      3/10

    • Target

      hypohydrochloria.app

    • Size

      487KB

    • MD5

      271b95b44bbafaf5d68ae0d972e1163a

    • SHA1

      6816bd06b9b638de8e6517dfe7647ce409f2f4c8

    • SHA256

      60412767f4eaea33f06a6a02f3b0975015e75f251ba6cbeee96ac712d0b23f9b

    • SHA512

      cb7a65001cc0dbb63cddcd89166b575bd2612f75100ca47ff8a8162825a5c91a5c2b60b83447f33a7aad1c0f1a7eee4c5f340e5d66141ee59309b59ca461d992

    • SSDEEP

      1536:vGAVO3tWkduBR8240f+rzESOotNlufM+A/:nYQSA6AMIk+A/

    • Score

      1/10

MITRE ATT&CK Enterprise v15

Tasks