34.0.0 Boulder Opal
IR
527918
CloudBasic
15:29:30
24/11/2021
FACTURAS.exe
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
ab63f9ba38d9eb4f8bd57ae56a844a31
bf1c2a15553f893ff180a307dcb5805c6e440158
5d14499fc44a623454a0518972ba97be883b0394f16f08b4265e46ff12ebfeb3
Win32 Executable (generic) a (10002005/4) 99.15%
true
false
false
false
72
0
100
5
0
5
false
C:\Users\user\AppData\Local\Temp\~DF26AA5308F7227456.TMP
false
19809EDD1FF00A1D7C105BC58A97CD02
26FB6D339CF2A7474DE6F785166163FA9B2ADBB1
4745D04A4BB99D70866D722394D9E71F3FAE597AA84E229A1E3B40F31521594C
Found malware configuration
Found potential dummy code loops (likely to delay analysis)
Multi AV Scanner detection for submitted file
Yara detected GuLoader
C2 URLs / IPs found in malware configuration