guloader | afd5f9c1042e4440a8ab7518fdeb992d525ad9b5075a1dd47ba4774e88fb6910 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afd5f9c1042e4440a8ab7518fdeb992d525ad9b5075a1dd47ba4774e88fb6910.exe
Size

123KB
Sample

220908-fwnbxsdfe8
MD5

7c4d4080bdd13425e20850a20939f561
SHA1

f9a140fdc8b3e86d6024f91eaad7f38b9a598fad
SHA256

afd5f9c1042e4440a8ab7518fdeb992d525ad9b5075a1dd47ba4774e88fb6910
SHA512

a8dfaa7914b6aea17a4d2f09d25117ebd043397052c03b213bc31aaf5d7c9e9b1e9ff86b1b52d7d57ad3eb3a31b9b06428cc08e28c0c048ad3aa40a735183644
SSDEEP

3072:WuxVUg3yGDRb8lc7uEUWDBD5iXME6pIb3H7:JgORaHsaXM83b

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  afd5f9c1042e4440a8ab7518fdeb992d525ad9b5075a1dd47ba4774e88fb6910.exe
- Size
  
  123KB
- MD5
  
  7c4d4080bdd13425e20850a20939f561
- SHA1
  
  f9a140fdc8b3e86d6024f91eaad7f38b9a598fad
- SHA256
  
  afd5f9c1042e4440a8ab7518fdeb992d525ad9b5075a1dd47ba4774e88fb6910
- SHA512
  
  a8dfaa7914b6aea17a4d2f09d25117ebd043397052c03b213bc31aaf5d7c9e9b1e9ff86b1b52d7d57ad3eb3a31b9b06428cc08e28c0c048ad3aa40a735183644
- SSDEEP
  
  3072:WuxVUg3yGDRb8lc7uEUWDBD5iXME6pIb3H7:JgORaHsaXM83b
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader