guloader | ed831551750605c0aabfd50be520871638512bf010aadf824d4a008ae7f1cfcc | Triage

Sharing

General

Target

203538340-133224-sanlccjavap0003-1.vbs
Size

145KB
Sample

220914-qnx69sadg2
MD5

706af9b77cf8ac90b47b799c81aac8a4
SHA1

f614bfea2ba1c77001e7e1faeb24d203c7ff20fb
SHA256

ed831551750605c0aabfd50be520871638512bf010aadf824d4a008ae7f1cfcc
SHA512

f494ab50f0de18def671a30e93b870120bc2e17d4cea2b0e5556204efd5f47dc8765f43d1e661fc52711fe72ef7030c7347ebb3f70300aa775b054aad498f36f
SSDEEP

3072:05kfPLKXc+LdvTwYSABN13pP9HPgVpaTqogA5kSe6PZ8qs:hLKXcWlSgD3pP9q8Tqo3ZO

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  203538340-133224-sanlccjavap0003-1.vbs
- Size
  
  145KB
- MD5
  
  706af9b77cf8ac90b47b799c81aac8a4
- SHA1
  
  f614bfea2ba1c77001e7e1faeb24d203c7ff20fb
- SHA256
  
  ed831551750605c0aabfd50be520871638512bf010aadf824d4a008ae7f1cfcc
- SHA512
  
  f494ab50f0de18def671a30e93b870120bc2e17d4cea2b0e5556204efd5f47dc8765f43d1e661fc52711fe72ef7030c7347ebb3f70300aa775b054aad498f36f
- SSDEEP
  
  3072:05kfPLKXc+LdvTwYSABN13pP9HPgVpaTqogA5kSe6PZ8qs:hLKXcWlSgD3pP9q8Tqo3ZO
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader