guloader | 722ac7ec70c350b4a1e82e2674290a5d4f590de3908cb61a2fd4158130d3a0c5 | Triage

Sharing

General

Target

722ac7ec70c350b4a1e82e2674290a5d4f590de3908cb61a2fd4158130d3a0c5.exe
Size

632KB
Sample

220915-wtpd7sdgc8
MD5

dace754582e6d60e2b26463e49f38bd8
SHA1

6fb3d0b89b5e965e40b4902f0f6fca28855836be
SHA256

722ac7ec70c350b4a1e82e2674290a5d4f590de3908cb61a2fd4158130d3a0c5
SHA512

9a53417b294fa247c0efbc8f0ebbc9c10a75c299cc2a45f373927795d889ca8923f5ece7f6b09696542b82b14eb87debbce2727cb45af691907155bbc7214086
SSDEEP

12288:mgDX/G7k2F1axoSAtT/ljZhsQTNTpi17U2nFsIwAZJDIh8:7/ak2F1aiSAtT/l12gTgpUwaIwAjL

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  722ac7ec70c350b4a1e82e2674290a5d4f590de3908cb61a2fd4158130d3a0c5.exe
- Size
  
  632KB
- MD5
  
  dace754582e6d60e2b26463e49f38bd8
- SHA1
  
  6fb3d0b89b5e965e40b4902f0f6fca28855836be
- SHA256
  
  722ac7ec70c350b4a1e82e2674290a5d4f590de3908cb61a2fd4158130d3a0c5
- SHA512
  
  9a53417b294fa247c0efbc8f0ebbc9c10a75c299cc2a45f373927795d889ca8923f5ece7f6b09696542b82b14eb87debbce2727cb45af691907155bbc7214086
- SSDEEP
  
  12288:mgDX/G7k2F1axoSAtT/ljZhsQTNTpi17U2nFsIwAZJDIh8:7/ak2F1aiSAtT/l12gTgpUwaIwAjL
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader