guloader | 7dcbdd10f6e8cdf4c3d982ad15810b978a9b269f8ff525ec1e9187a4d0baf715 | Triage

Sharing

General

Target

receipt_001546037_pdf.exe
Size

168KB
Sample

220924-rqznjscgar
MD5

ed26a5be5bfa6cfc95f1366e3efc60e1
SHA1

735d11ea394dcf7cab701af8c63d046a5092cd2c
SHA256

7dcbdd10f6e8cdf4c3d982ad15810b978a9b269f8ff525ec1e9187a4d0baf715
SHA512

cb91472e9548fae2c0b4bc431dca8acef512e1cb9c5b7f2a0b47b97c1011c2f63025bcae3eda6dff9482ff9371fabc5e0ca2c348082716cb794a694dce3e76f1
SSDEEP

3072:x/c/d6j3AaTzfYbFj2Q7M4ZmXIqPpM0xhaxC0dO8c5JZwrmVQt4rgjSy9HdcKSZN:x/c/43A4SFDJUPS0xN8OjRjqEgjSyz+N

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  receipt_001546037_pdf.exe
- Size
  
  168KB
- MD5
  
  ed26a5be5bfa6cfc95f1366e3efc60e1
- SHA1
  
  735d11ea394dcf7cab701af8c63d046a5092cd2c
- SHA256
  
  7dcbdd10f6e8cdf4c3d982ad15810b978a9b269f8ff525ec1e9187a4d0baf715
- SHA512
  
  cb91472e9548fae2c0b4bc431dca8acef512e1cb9c5b7f2a0b47b97c1011c2f63025bcae3eda6dff9482ff9371fabc5e0ca2c348082716cb794a694dce3e76f1
- SSDEEP
  
  3072:x/c/d6j3AaTzfYbFj2Q7M4ZmXIqPpM0xhaxC0dO8c5JZwrmVQt4rgjSy9HdcKSZN:x/c/43A4SFDJUPS0xN8OjRjqEgjSyz+N
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2