General
-
Target
JaffaCakes118_61b0c23817191551450282f600447e54a47297c2685eec81598a3daf63b16155
-
Size
68KB
-
Sample
241221-1st1hs1je1
-
MD5
0162ff949c8c278e62c3eb57fd510d42
-
SHA1
dd8a4d3bd394bd1f5492640a8a26722110d58e03
-
SHA256
61b0c23817191551450282f600447e54a47297c2685eec81598a3daf63b16155
-
SHA512
f1bbecc6a7e4c4b38a76826d202aeae590c94fde92391b120f52ff7584be13e4b0230aa62f3efdcf3bcb7279dfe949bc319506a9f7af8df1a24dab5bb18a868d
-
SSDEEP
768:jwXBOpfK7ckw8TfuXZcYqomMjk5Nw7HqeuMmPAPkGB02WQq0/o4JCChP:jwsK7ck/zuXZAMCiq1Mm4nBPWQjo4Jd
Malware Config
Extracted
guloader
https://onedrive.live.com/download?cid=1B6E6032CE5E4651&resid=1B6E6032CE5E4651%212074&authkey=AOvT7-22YNVt_qw
Targets
-
-
Target
JaffaCakes118_61b0c23817191551450282f600447e54a47297c2685eec81598a3daf63b16155
-
Size
68KB
-
MD5
0162ff949c8c278e62c3eb57fd510d42
-
SHA1
dd8a4d3bd394bd1f5492640a8a26722110d58e03
-
SHA256
61b0c23817191551450282f600447e54a47297c2685eec81598a3daf63b16155
-
SHA512
f1bbecc6a7e4c4b38a76826d202aeae590c94fde92391b120f52ff7584be13e4b0230aa62f3efdcf3bcb7279dfe949bc319506a9f7af8df1a24dab5bb18a868d
-
SSDEEP
768:jwXBOpfK7ckw8TfuXZcYqomMjk5Nw7HqeuMmPAPkGB02WQq0/o4JCChP:jwsK7ck/zuXZAMCiq1Mm4nBPWQjo4Jd
Score10/10-
Guloader family
-
Guloader,Cloudeye
A shellcode based downloader first seen in 2020.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-