guloader | 3bdae5ecd4996bc241fc39485166b3536edd5aec21e7459ac513541d8a71c00f | Triage

Sharing

General

Target

transferencia.vbs
Size

298KB
Sample

220919-xhe7tsgghj
MD5

f61478b87dd73535b2a1b998760a08ba
SHA1

327ee28eaf24058740392590be943ad992009377
SHA256

3bdae5ecd4996bc241fc39485166b3536edd5aec21e7459ac513541d8a71c00f
SHA512

7094fea230f6d59fc5643afe474ea386a1070573b682bd128d2a76cb1746e1508e0759c7cc6721ad99636cf6858563670e6ddad7feddc9ac91cafcf404600e5a
SSDEEP

6144:m+bYUm066/b0kEM6z93AhwyfhfdhYZpn1pdZ2C6KbW8X74t/QRNYeo:mn06GOM6Zwhw0g4KLAQXo

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  transferencia.vbs
- Size
  
  298KB
- MD5
  
  f61478b87dd73535b2a1b998760a08ba
- SHA1
  
  327ee28eaf24058740392590be943ad992009377
- SHA256
  
  3bdae5ecd4996bc241fc39485166b3536edd5aec21e7459ac513541d8a71c00f
- SHA512
  
  7094fea230f6d59fc5643afe474ea386a1070573b682bd128d2a76cb1746e1508e0759c7cc6721ad99636cf6858563670e6ddad7feddc9ac91cafcf404600e5a
- SSDEEP
  
  6144:m+bYUm066/b0kEM6z93AhwyfhfdhYZpn1pdZ2C6KbW8X74t/QRNYeo:mn06GOM6Zwhw0g4KLAQXo
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdownloader