guloader | cfd2f38d9e2c3e90ca1a7ac9d0b0eed5fdc56eaf8322fa6298a3376409969c08 | Triage

Submit
Reports

Overview

overview

Static

static

cfd2f38d9e...08.exe

windows7-x64

cfd2f38d9e...08.exe

windows10-2004-x64

Sharing

General

Target

cfd2f38d9e2c3e90ca1a7ac9d0b0eed5fdc56eaf8322fa6298a3376409969c08
Size

104KB
Sample

220724-rtpyhsfgal
MD5

622a36b956cd48d3115dd61a15838c01
SHA1

33c815f58508bfcb165bfdf04ce1cb037bc32608
SHA256

cfd2f38d9e2c3e90ca1a7ac9d0b0eed5fdc56eaf8322fa6298a3376409969c08
SHA512

e85aa95b4636e852ffdfe9dcb01fdd69e4906b3a06453fa80217c560679da226edb8c87c7947d7a9ebc5428b73fc1757d0b2fcafa806794e4dca026a9602d6d5

Score

10^/10

guloader downloader guloader

Static task

static1

Behavioral task

behavioral1

Sample

cfd2f38d9e2c3e90ca1a7ac9d0b0eed5fdc56eaf8322fa6298a3376409969c08.exe

Resource

win7-20220718-en

guloader downloader guloader

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

cfd2f38d9e2c3e90ca1a7ac9d0b0eed5fdc56eaf8322fa6298a3376409969c08.exe

Resource

win10v2004-20220721-en

guloader downloader guloader

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1idPHLJ12aUPBxrHAWLPhsoylYnBkX85o

xor.base64

Targets

- Target
  
  cfd2f38d9e2c3e90ca1a7ac9d0b0eed5fdc56eaf8322fa6298a3376409969c08
- Size
  
  104KB
- MD5
  
  622a36b956cd48d3115dd61a15838c01
- SHA1
  
  33c815f58508bfcb165bfdf04ce1cb037bc32608
- SHA256
  
  cfd2f38d9e2c3e90ca1a7ac9d0b0eed5fdc56eaf8322fa6298a3376409969c08
- SHA512
  
  e85aa95b4636e852ffdfe9dcb01fdd69e4906b3a06453fa80217c560679da226edb8c87c7947d7a9ebc5428b73fc1757d0b2fcafa806794e4dca026a9602d6d5
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader

© 2018-2024

Terms | Privacy