guloader | f8abb401812eafff1ca24fbafc67d5cdb34ba384da284b55d5350a5300fb7757 | Triage

Submit
Reports

Overview

overview

Static

static

c82d1d8b8f...76.exe

windows7_x64

1

c82d1d8b8f...76.exe

windows10_x64

Sharing

General

Target

c82d1d8b8fc5cbbf8ee05bee229a3a76.exe
Size

438KB
Sample

210419-a7xg11zm96
MD5

c82d1d8b8fc5cbbf8ee05bee229a3a76
SHA1

eeaba79a2d490544ccf4c75f93e6456ab474f800
SHA256

f8abb401812eafff1ca24fbafc67d5cdb34ba384da284b55d5350a5300fb7757
SHA512

01bd7148e3befa03dd6e548c2c0784849f730165b43dec14f18262b1ee0e592b0e4132f0acf01f9b4d9d46074f0c2b26b5e626cd54d39f88113d10bd684387dc

Score

10^/10

guloader downloader evasion guloader persistence

Static task

static1

Behavioral task

behavioral1

Sample

c82d1d8b8fc5cbbf8ee05bee229a3a76.exe

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c82d1d8b8fc5cbbf8ee05bee229a3a76.exe

Resource

win10v20210408

guloader downloader evasion guloader persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  c82d1d8b8fc5cbbf8ee05bee229a3a76.exe
- Size
  
  438KB
- MD5
  
  c82d1d8b8fc5cbbf8ee05bee229a3a76
- SHA1
  
  eeaba79a2d490544ccf4c75f93e6456ab474f800
- SHA256
  
  f8abb401812eafff1ca24fbafc67d5cdb34ba384da284b55d5350a5300fb7757
- SHA512
  
  01bd7148e3befa03dd6e548c2c0784849f730165b43dec14f18262b1ee0e592b0e4132f0acf01f9b4d9d46074f0c2b26b5e626cd54d39f88113d10bd684387dc
Score

10^/10

guloader downloader evasion guloader persistence
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Guloader Payload
  guloader
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Hidden Files and Directories

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdownloaderevasionguloaderpersistence

© 2018-2024

Terms | Privacy