guloader | 1749685f400949145a2b7e36bce060b82c631dd34404458445bc998bcbeed37a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3448s0657610032230b60113125662022.rar
Size

72KB
Sample

220925-mjs5zaeda6
MD5

c6a2fbacaa580a148781538bc39922b5
SHA1

0b963b74a6bc9073823c675f1786433e5fc6385c
SHA256

1749685f400949145a2b7e36bce060b82c631dd34404458445bc998bcbeed37a
SHA512

600b4f24e9997b55ec0c2b0893145346207d7fad3c1b1312dfe09a63a459c3a2e4a2079eccb20fbfa6576a30daecbd6bcb8a6632d4c4f073eda188b00a2e8a56
SSDEEP

1536:vbZHzIHfI92marnKC9Df3RjYfT7ap+fOT1OQwnpVOAT5ySyX+:jNzGJmC1PqXnf0oQwnpVOATkSD

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  3448s0657610032230b60113125662022.vbs
- Size
  
  145KB
- MD5
  
  d4ac433522f0d6fbf7363e19fa1190b3
- SHA1
  
  9f78dd91d1a0b71ad0b139efb802b1e7ae0367c2
- SHA256
  
  8243d6597c7891411c667e2bc943a0482b13af122386f9f5a3e2869be0251f8e
- SHA512
  
  2dac28f3fc002521a3740afd32826bf20d772d1fd1037dbccb7828ff8dc046eacf7521f6b2500d0e6d8b9e7790855f6e33061e94a49a3edf2223bdebb4be97f1
- SSDEEP
  
  3072:05k5e4V8jyw6/OFW22ETmUYUHrsmE1ok9UcZ8ke:niyw6+KET+UHrs79Ul
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader