guloader | b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19 | Triage

Submit
Reports

Overview

overview

Static

static

b69caaef59...19.exe

windows7-x64

b69caaef59...19.exe

windows10-2004-x64

Sharing

General

Target

b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19
Size

68KB
Sample

220725-e2v4aaegej
MD5

b9c10800e4b2245306057caa1dac0704
SHA1

dfc1723db08203c810f4c3275f8b4b8f74e49c23
SHA256

b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19
SHA512

72db923625f429479817b61d49f6d930e8c2548c8d1b02e22897fd9d106e8ecfe3bb8be88465f372553312cd9a5b5d235dbf84801ffc09e4ff9092f66d43a2ea

Score

10^/10

guloader downloader guloader

Static task

static1

Behavioral task

behavioral1

Sample

b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19.exe

Resource

win7-20220718-en

guloader downloader guloader

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19.exe

Resource

win10v2004-20220721-en

guloader downloader guloader

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1Qv9IyiWXodx2L9TJuKBQsIJ32rn-Ayuq

xor.base64

Targets

- Target
  
  b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19
- Size
  
  68KB
- MD5
  
  b9c10800e4b2245306057caa1dac0704
- SHA1
  
  dfc1723db08203c810f4c3275f8b4b8f74e49c23
- SHA256
  
  b69caaef596715a5ead5aac8af29f95d18454eef8081f3931fa7e9d3663a0c19
- SHA512
  
  72db923625f429479817b61d49f6d930e8c2548c8d1b02e22897fd9d106e8ecfe3bb8be88465f372553312cd9a5b5d235dbf84801ffc09e4ff9092f66d43a2ea
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader

© 2018-2024

Terms | Privacy