guloader | 5f2a6c6630b0cbd63dea1f70b3973bca50cae187b79ec542c9e7c85f558d2f56 | Triage

Submit
Reports

Overview

overview

Static

static

5f2a6c6630...56.exe

windows7-x64

5f2a6c6630...56.exe

windows10-2004-x64

Sharing

General

Target

5f2a6c6630b0cbd63dea1f70b3973bca50cae187b79ec542c9e7c85f558d2f56
Size

120KB
Sample

220724-rtmhdsfeg4
MD5

68d86587fb4624c57b3874c5d06a82c0
SHA1

ab9f6e444276c07a2a1106513c0c16c298c0e67d
SHA256

5f2a6c6630b0cbd63dea1f70b3973bca50cae187b79ec542c9e7c85f558d2f56
SHA512

f0be2217b85d405d26c0357375ee650c90d5d7e0fe2b55a04fbbb8b5561f2174d181e01206eef1bbbd9920952aef9868362a80ca6011065a61b1dada3c90db5b

Score

10^/10

guloader downloader guloader

Static task

static1

Behavioral task

behavioral1

Sample

5f2a6c6630b0cbd63dea1f70b3973bca50cae187b79ec542c9e7c85f558d2f56.exe

Resource

win7-20220718-en

guloader downloader guloader

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

5f2a6c6630b0cbd63dea1f70b3973bca50cae187b79ec542c9e7c85f558d2f56.exe

Resource

win10v2004-20220721-en

guloader downloader guloader

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

guloader

xor.base64

Targets

- Target
  
  5f2a6c6630b0cbd63dea1f70b3973bca50cae187b79ec542c9e7c85f558d2f56
- Size
  
  120KB
- MD5
  
  68d86587fb4624c57b3874c5d06a82c0
- SHA1
  
  ab9f6e444276c07a2a1106513c0c16c298c0e67d
- SHA256
  
  5f2a6c6630b0cbd63dea1f70b3973bca50cae187b79ec542c9e7c85f558d2f56
- SHA512
  
  f0be2217b85d405d26c0357375ee650c90d5d7e0fe2b55a04fbbb8b5561f2174d181e01206eef1bbbd9920952aef9868362a80ca6011065a61b1dada3c90db5b
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader

© 2018-2024

Terms | Privacy