guloader | 7132f9426f3bbadaedd15c39968640ffc5ad207b3c8f450d642174e2942f09d7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Facturas Pagadas al VencimientoPDF.exe
Size

305KB
Sample

220920-h4yhzaccb3
MD5

ca66a833a47f3c8f28ec46d2e75527df
SHA1

45c53cc691776530bf1c983be3188b6b63fde359
SHA256

7132f9426f3bbadaedd15c39968640ffc5ad207b3c8f450d642174e2942f09d7
SHA512

65b9b95990f13e97aa127de52a226dcb9d2094361e76be2471e8582bb232dfe47e8d1f5343d7c7e8cbbb7d2ce0d2585e9d013fee58a88dc566ac6c76cdb93afa
SSDEEP

6144:Bhgqhw9oAFPZVheNA+ff0RxV4xnXAO0t02HkSq:0qknhe2e6nUXkW24

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  Facturas Pagadas al VencimientoPDF.exe
- Size
  
  305KB
- MD5
  
  ca66a833a47f3c8f28ec46d2e75527df
- SHA1
  
  45c53cc691776530bf1c983be3188b6b63fde359
- SHA256
  
  7132f9426f3bbadaedd15c39968640ffc5ad207b3c8f450d642174e2942f09d7
- SHA512
  
  65b9b95990f13e97aa127de52a226dcb9d2094361e76be2471e8582bb232dfe47e8d1f5343d7c7e8cbbb7d2ce0d2585e9d013fee58a88dc566ac6c76cdb93afa
- SSDEEP
  
  6144:Bhgqhw9oAFPZVheNA+ff0RxV4xnXAO0t02HkSq:0qknhe2e6nUXkW24
Score

10^/10

discovery guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdiscoverydownloader