guloader | f39868afc36134c4fd83917dc3a2248dc1d0dfc8f3d22c81671a571935d6c6c9 | Triage

Submit
Reports

Overview

overview

Static

static

f39868afc3...c9.exe

windows7_x64

f39868afc3...c9.exe

windows10-2004_x64

Sharing

General

Target

f39868afc36134c4fd83917dc3a2248dc1d0dfc8f3d22c81671a571935d6c6c9
Size

48KB
Sample

220701-rme5qshdd2
MD5

d120e258db354f2b121dc01608ce6324
SHA1

36a391d9bdce02008e3f798d92c417fde7b493b3
SHA256

f39868afc36134c4fd83917dc3a2248dc1d0dfc8f3d22c81671a571935d6c6c9
SHA512

7085fed90d6e97772b30285cf0a800d5a5adb49847186c581c8cfd335e50133677ce1b39d78c31fe31879cfe6acf955600692d96f175dda1c8555214001a99b5

Score

10^/10

guloader downloader guloader

Static task

static1

Behavioral task

behavioral1

Sample

f39868afc36134c4fd83917dc3a2248dc1d0dfc8f3d22c81671a571935d6c6c9.exe

Resource

win7-20220414-en

guloader downloader guloader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f39868afc36134c4fd83917dc3a2248dc1d0dfc8f3d22c81671a571935d6c6c9.exe

Resource

win10v2004-20220414-en

guloader downloader guloader

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

guloader

C2

https://onedrive.live.com/download?cid=CEFBB02AE9E0EB60&resid=CEFBB02AE9E0EB60%21124&authkey=AG9U2_atifsdNEo

xor.base64

Targets

- Target
  
  f39868afc36134c4fd83917dc3a2248dc1d0dfc8f3d22c81671a571935d6c6c9
- Size
  
  48KB
- MD5
  
  d120e258db354f2b121dc01608ce6324
- SHA1
  
  36a391d9bdce02008e3f798d92c417fde7b493b3
- SHA256
  
  f39868afc36134c4fd83917dc3a2248dc1d0dfc8f3d22c81671a571935d6c6c9
- SHA512
  
  7085fed90d6e97772b30285cf0a800d5a5adb49847186c581c8cfd335e50133677ce1b39d78c31fe31879cfe6acf955600692d96f175dda1c8555214001a99b5
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader Payload
  guloader
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader

© 2018-2024

Terms | Privacy