Joe Sandbox analysis summary

Version: 33.0.0 White Diamond
Analysis ID: 482656
System: CloudBasic
Start time: 00:53:03
Start date: 14/09/2021
Sample: usd15.030 payment copy & signed invoice SEPTEMBER 2021 shipment.exe
Cookbook: default.jbs
Analysis system: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Platform: WINDOWS
MD5: 257e1f881863b023fcddaedb2ac22e68
SHA1: 9cff8e3a2a2cb5ad3acba8d4260b2581e0098ac9
SHA256: 856d455d07bff404e39b422f1ad0bbff9397707c86670dbc1134729b44a8c868
TrID: Win32 Executable (generic) a (10002005/4) 99.15%
Score: 84 (range 0 to 100)
Other exported fields (unlabelled in the source): IR, true, false, false, false, 5, 0, 5, false

Signatures:
Found malware configuration
Potential malicious icon found
Initial sample is a PE file and has a suspicious name
Executable has a suspicious name (potential lure to open the executable)
C2 URLs / IPs found in malware configuration
Found potential dummy code loops (likely to delay analysis)
Machine Learning detection for sample
Yara detected GuLoader
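Two of the signatures above, "Initial sample is a PE file" and "has a suspicious name (potential lure to open the executable)", are the kind of cheap static checks a triage pipeline can reproduce before detonation. The code below is an added example of how such checks are typically written; it is not Joe Sandbox's code and does not reproduce its signature logic. The lure vocabulary, the regexes, the two-indicator threshold and the hand-built PE header are assumptions chosen for illustration, and the only value taken from the report is the sample's file name.

```python
"""Static triage heuristics: lure-style executable name and PE header check.

Added example, not Joe Sandbox code. Keyword lists, regexes and the
two-indicator threshold are assumptions for illustration.
"""
import re
from dataclasses import dataclass

# Vocabulary of business-document lures (assumed list; extend from your own telemetry).
LURE_WORDS = frozenset((
    "invoice", "payment", "remittance", "receipt", "statement", "quotation",
    "order", "shipment", "shipping", "delivery", "copy", "signed", "scan",
    "swift", "dhl", "fedex", "ups",
))
DOC_EXTENSIONS = ("pdf", "doc", "docx", "xls", "xlsx", "jpg", "jpeg", "png", "txt", "zip")
EXEC_EXTENSIONS = frozenset(("exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "jar", "msi"))
MONTHS = frozenset((
    "january", "february", "march", "april", "may", "june", "july",
    "august", "september", "october", "november", "december",
))
CURRENCY_RE = re.compile(r"(?:\b(?:usd|eur|gbp)|[$€£])\s?\d", re.IGNORECASE)
YEAR_RE = re.compile(r"\b(?:19|20)\d{2}\b")
RLO = "\u202e"  # Unicode right-to-left override, used to hide the real extension


@dataclass
class NameVerdict:
    name: str
    suspicious: bool
    reasons: list


def check_name(name: str) -> NameVerdict:
    """Flag executables whose names imitate business documents."""
    lowered = name.lower()
    stem, dot, ext = lowered.rpartition(".")
    if not dot or ext not in EXEC_EXTENSIONS:
        return NameVerdict(name, False, [])  # not an executable: out of scope here
    reasons = []
    words = set(re.findall(r"[a-z]+", stem))
    lure_hits = sorted(words & LURE_WORDS)
    if lure_hits:
        reasons.append("document lure words: " + ", ".join(lure_hits))
    if any(stem.endswith("." + d) for d in DOC_EXTENSIONS):
        reasons.append("double extension (document extension before the executable one)")
    if CURRENCY_RE.search(stem):
        reasons.append("currency amount in name")
    if words & MONTHS and YEAR_RE.search(stem):
        reasons.append("month and year in name (dated-document lure)")
    if len(name) > 40 and stem.count(" ") >= 3:
        reasons.append("long multi-word name, typical of a document rather than a program")
    if RLO in name:
        reasons.append("right-to-left override character hides the real extension")
    # One weak indicator is common in benign installers; two together, or the
    # RLO trick on its own, is what we treat as a lure (assumed threshold).
    suspicious = len(reasons) >= 2 or RLO in name
    return NameVerdict(name, suspicious, reasons)


def looks_like_pe(data: bytes) -> bool:
    """True if data starts with an MZ header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


# Constructed inputs: the sample name from the report, a few benign names, and a
# minimal hand-built PE header (not the real sample's bytes).
REPORTED_NAME = "usd15.030 payment copy & signed invoice SEPTEMBER 2021 shipment.exe"
_hdr = bytearray(0x80)
_hdr[0:2] = b"MZ"
_hdr[0x3C:0x40] = (0x40).to_bytes(4, "little")  # e_lfanew -> offset 0x40
_hdr[0x40:0x44] = b"PE\0\0"
MINIMAL_PE = bytes(_hdr)

if __name__ == "__main__":
    print("PE header:", looks_like_pe(MINIMAL_PE))
    for n in (REPORTED_NAME, "setup.exe", "Invoice_2021.pdf.exe", "photo\u202egpj.exe", "report.pdf"):
        v = check_name(n)
        print(f"{v.suspicious!s:5} {n!r}")
        for r in v.reasons:
            print("       -", r)
```

Run against the reported name, the check fires on four independent indicators (lure words, a currency amount, a month plus year, and a long multi-word name), which is why a single keyword match is not used as the threshold: names like "setup.exe" or "Office Update.exe" share one indicator with lures but rarely two. Tune the vocabulary from your own phishing telemetry rather than the fixed list here.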