guloader | d379ffe32dfb2d6d386b6d9c3cbae49e49241ac25a14d2974c286bfa45aa50b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

DHL_Shipment-Notification_5596073630-QURY-93838392-27273827273-courier.exe
Size

731KB
Sample

220922-mhm8bsbbg9
MD5

c527577c792fd2e154ee3e816750098d
SHA1

00d6a00c2ca803b4f898d70e60c887245e1a0245
SHA256

d379ffe32dfb2d6d386b6d9c3cbae49e49241ac25a14d2974c286bfa45aa50b9
SHA512

f30a873fcd69facf070f704c230130aa7f475d1275d6d3ed770dd0c2df22342a4dafdf3dec46553e3054efb6123cf03e2485ea91d1fc301088eb0c6508e8392e
SSDEEP

12288:3S4U2+shYdbN7t1TTO0U5vG1miy2TCjkRygfkSxAkeXpAJ1+wwJytgfw:C4X+shYdbVrTTODdJiy2Wj6yS3IGhwJG

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  DHL_Shipment-Notification_5596073630-QURY-93838392-27273827273-courier.exe
- Size
  
  731KB
- MD5
  
  c527577c792fd2e154ee3e816750098d
- SHA1
  
  00d6a00c2ca803b4f898d70e60c887245e1a0245
- SHA256
  
  d379ffe32dfb2d6d386b6d9c3cbae49e49241ac25a14d2974c286bfa45aa50b9
- SHA512
  
  f30a873fcd69facf070f704c230130aa7f475d1275d6d3ed770dd0c2df22342a4dafdf3dec46553e3054efb6123cf03e2485ea91d1fc301088eb0c6508e8392e
- SSDEEP
  
  12288:3S4U2+shYdbN7t1TTO0U5vG1miy2TCjkRygfkSxAkeXpAJ1+wwJytgfw:C4X+shYdbVrTTODdJiy2Wj6yS3IGhwJG
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdownloader