guloader | 49d777aff9d282095b6d8e7d26937d579869056e895c23efefbfea2775937f69 | Triage

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7v20210410
submitted
26-07-2021 14:39

Sharing

Report Analysis Logs

General

Target

264a4f1da5163ba11190d5b3cab35418.exe
Size

265KB
MD5

264a4f1da5163ba11190d5b3cab35418
SHA1

c6e81fa82210b02cc29ac9905684e043e5db805e
SHA256

49d777aff9d282095b6d8e7d26937d579869056e895c23efefbfea2775937f69
SHA512

ff6c9bcf38fc03e01283a213de0f773ab3c5ecc5f7243c36427c4c546e96195bfb6d1f0ca7a44f3efe2fa1932b99bf274f121a121437f74da90c5d3223749774

Score

10^/10

guloader downloader

Malware Config

Signatures

Guloader,Cloudeye
A shellcode based downloader first seen in 2020.
downloader guloader
Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

264a4f1da5163ba11190d5b3cab35418.exe

pid process

484 264a4f1da5163ba11190d5b3cab35418.exe

C:\Users\Admin\AppData\Local\Temp\264a4f1da5163ba11190d5b3cab35418.exe
"C:\Users\Admin\AppData\Local\Temp\264a4f1da5163ba11190d5b3cab35418.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:484

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/484-61-0x0000000000240000-0x000000000024E000-memory.dmp

Filesize
56KB

Download