GUNTERS
Description
(SentinelLabs) During our analysis of Moshen Dragon’s activities, we came across a passive loader previously discussed by Avast as ‘GUNTERS’. This backdoor appears to be highly targeted as it performs checks to verify that it is executed on the right machine.
Before execution, the malware calculates the hash of the machine hostname and compares it to a hardcoded value, suggesting that the threat actor generates a different DLL for each target machine.
Names
Name |
---|
GUNTERS |
Category
Malware
Type
- Loader
Information
Other Information
Uuid
7281a8c8-1920-4367-b98b-198cd8f49d3a
Last Card Change
2022-05-03