34.0.0 Boulder Opal
IR
527899
CloudBasic
15:05:14
24/11/2021
REVGKXx6Ns.exe
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
7c91db57c98a1f0e38ba65ed651b4779
28cb0d40a73c1a421a9720808d49da010f9ff4ef
12992fe3f998693d92625c53bf5aa6723e87c8c3fb7057dbba4b334742cab376
Win32 Executable (generic) a (10002005/4) 99.15%
true
false
false
false
76
0
100
5
0
5
false
C:\Users\user\AppData\Local\Temp\~DF6497174BCC55AD21.TMP
false
6C4C01A4316CD9338DE51EC175EBF11D
8C5D5B07E0ED6AAC72705F516E25BEAEA891EFA0
95876F7C1242672418DB201C02D70276EE9CC4345394DEAD3500619A39DA28F0
Found malware configuration
Multi AV Scanner detection for submitted file
C2 URLs / IPs found in malware configuration
Found potential dummy code loops (likely to delay analysis)
Machine Learning detection for sample
Yara detected GuLoader