guloader | 4467a4d94521a71091a1c74f46af0b10a2aa1dd8764152e80af31c26b2809f45 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.Malware-gen.25315.exe
Size

600KB
Sample

220913-wcbrsagbd7
MD5

e25664d634a0522b9b94f1ad4ddcb954
SHA1

90b2c5f6b6111e5f905d5c62672cba661552e26f
SHA256

4467a4d94521a71091a1c74f46af0b10a2aa1dd8764152e80af31c26b2809f45
SHA512

63a9661f9274e34a4087748899e5f3fbbdc29eb3f203c13d2fc06b9ddab92c0a87b890f09eb9ab4a54f0a7376d3b78b7397d3f4bd142205e6d547671406887f5
SSDEEP

6144:8Uj/w6e6+p2897x6q+EYzYXzxuqJGOjqb82KOWZ5Ik:8qVe6s9FP+aXzx9JDqY2KVZT

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Win32.Malware-gen.25315.exe
- Size
  
  600KB
- MD5
  
  e25664d634a0522b9b94f1ad4ddcb954
- SHA1
  
  90b2c5f6b6111e5f905d5c62672cba661552e26f
- SHA256
  
  4467a4d94521a71091a1c74f46af0b10a2aa1dd8764152e80af31c26b2809f45
- SHA512
  
  63a9661f9274e34a4087748899e5f3fbbdc29eb3f203c13d2fc06b9ddab92c0a87b890f09eb9ab4a54f0a7376d3b78b7397d3f4bd142205e6d547671406887f5
- SSDEEP
  
  6144:8Uj/w6e6+p2897x6q+EYzYXzxuqJGOjqb82KOWZ5Ik:8qVe6s9FP+aXzx9JDqY2KVZT
Score

10^/10

discovery guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdiscoverydownloader