guloader | 0efab306a6a0d7f504ba67daf3f3e4a539a3f34f2aa59e4907223267aa5bcffd | Triage

Sharing

General

Target

0efab306a6a0d7f504ba67daf3f3e4a539a3f34f2aa59e4907223267aa5bcffd
Size

1.2MB
Sample

220130-ty64psfah8
MD5

fa77adbbf1513668baadda5d3dd02ccf
SHA1

0d0f1b9e8bc9da42fa0c7ae51ff44b4781741d68
SHA256

0efab306a6a0d7f504ba67daf3f3e4a539a3f34f2aa59e4907223267aa5bcffd
SHA512

9a3d89337ca6b014cb6f55928cb4148f46770cbfe016ccfdd2912b967e27491d4a0f5b1aded45f8b6ae4be03a6a32cf631162a8e5afacb5eeb26601aa4e1e53e

Score

10^/10

guloader downloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1ElnJFTl_5Lmt6btEWOfaeojLtolcwyIH

xor.base64

Targets

- Target
  
  PICKUP_C.EXE
- Size
  
  36KB
- MD5
  
  987543cbda9615c7b689e12591d8ec3a
- SHA1
  
  a4ccbacc48e934102bb7ae3d67e9a63a8619ca63
- SHA256
  
  489bb93a106a7504494801723218ac5d82a12e81f39ed3fdad798c208d324959
- SHA512
  
  4e770465356eaff67a7ed9cb387c8d433fcc531efa27fb8100f8c76197cecd2ed56415067fdb5f615cbf3123c1fbd470eb937230f7f13245b26c1127c3508256
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader