guloader | f22d1ad6c3389e91374dc113c008381fd66e5b1303815a10860a750204e14b19 | Triage

Sharing

General

Target

Ažuriranje_transakcije.img
Size

1.2MB
Sample

220914-hytmtshec5
MD5

2775cf71cabb89e2befce8e9553b5cd5
SHA1

6184e34d22794abcf70a8a2319a4abccfd8986e2
SHA256

f22d1ad6c3389e91374dc113c008381fd66e5b1303815a10860a750204e14b19
SHA512

682ca968874d8feeee272ee5e81932d040d2bcdf2c7e25b3ec64c990192919473afd5c69be371dda353cf2e3a7d402302c207093c122945f43835dad1eb85e65
SSDEEP

6144:ZUj/w6e6+p2897x6q+EYzYXMbKQ9vgdPED60JFtHYh2KOWZ5N:ZqVe6s9FP+aXMezEVTYh2KVZ

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  Ažuriranje_transakcije.img
- Size
  
  1.2MB
- MD5
  
  2775cf71cabb89e2befce8e9553b5cd5
- SHA1
  
  6184e34d22794abcf70a8a2319a4abccfd8986e2
- SHA256
  
  f22d1ad6c3389e91374dc113c008381fd66e5b1303815a10860a750204e14b19
- SHA512
  
  682ca968874d8feeee272ee5e81932d040d2bcdf2c7e25b3ec64c990192919473afd5c69be371dda353cf2e3a7d402302c207093c122945f43835dad1eb85e65
- SSDEEP
  
  6144:ZUj/w6e6+p2897x6q+EYzYXMbKQ9vgdPED60JFtHYh2KOWZ5N:ZqVe6s9FP+aXMezEVTYh2KVZ
Score

3^/10
behavioral1 behavioral2 behavioral3
- Target
  
  CHETOPOD.EXE
- Size
  
  607KB
- MD5
  
  7db2db0dcaa5f790dee9accd444793a3
- SHA1
  
  ac665eb094f7e561f1e194610b1d9a3ecc6bb795
- SHA256
  
  1b711ff4863bf024260d860a61f64a5380a042225611c56d3af9e03aaffd72d3
- SHA512
  
  51c06f5280116a6c40347ef91f68558a216a8887b46ce2dd057f9b60af7debd0ba62ad257f82edd8b4fa481cf5e4ddbd3524fa386b69927a0a23e42b8e9cb5bb
- SSDEEP
  
  6144:uUj/w6e6+p2897x6q+EYzYXMbKQ9vgdPED60JFtHYh2KOWZ5NT:uqVe6s9FP+aXMezEVTYh2KVZ/
Score

10^/10

discovery guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral4 behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

guloaderdiscoverydownloader

behavioral6

guloaderdiscoverydownloader