guloader | 09cbc4a927cf3177d0fa8046c55e9a7c8904a17620c21bb90dce2d5ad40480ec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Factura_20220727_14 PDF.vbs
Size

156KB
Sample

220914-qnx69sebdj
MD5

96c61255da2567fc50c71d0b5b70f3f5
SHA1

815e79094092e3d92ada9723d829bfbd3cf1811f
SHA256

09cbc4a927cf3177d0fa8046c55e9a7c8904a17620c21bb90dce2d5ad40480ec
SHA512

b30578a87934b38240a81b946ddd887076d18f85d40a329def8168fbe48adffca933f425907d1cb890a61148313863f1b4708f862b82cada26b0d89686bc6435
SSDEEP

3072:05km9cmBkV9ZZ91wSLce7b/cUm1QVY0Lb4U4iRtZ80a:qBS95rceX/cUcQi0L8ViRQ

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  Factura_20220727_14 PDF.vbs
- Size
  
  156KB
- MD5
  
  96c61255da2567fc50c71d0b5b70f3f5
- SHA1
  
  815e79094092e3d92ada9723d829bfbd3cf1811f
- SHA256
  
  09cbc4a927cf3177d0fa8046c55e9a7c8904a17620c21bb90dce2d5ad40480ec
- SHA512
  
  b30578a87934b38240a81b946ddd887076d18f85d40a329def8168fbe48adffca933f425907d1cb890a61148313863f1b4708f862b82cada26b0d89686bc6435
- SSDEEP
  
  3072:05km9cmBkV9ZZ91wSLce7b/cUm1QVY0Lb4U4iRtZ80a:qBS95rceX/cUcQi0L8ViRQ
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdownloader

behavioral2