guloader | 261fd97d96d213ebbb0add61ced1a5e913389078a52d4bd1036203f16cd11981 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

potwierdze...84.vbs

windows7-x64

potwierdze...84.vbs

windows10-2004-x64

8

Sharing

General

Target

potwierdzenie wpłaty-021784.vbs
Size

188KB
Sample

220927-l6sx2secfr
MD5

68551303b71795b507434b77679f5796
SHA1

c198cb2cc41fbb62e3993bbff7d5931403cab2ed
SHA256

261fd97d96d213ebbb0add61ced1a5e913389078a52d4bd1036203f16cd11981
SHA512

a33cbdb1d9a62b5f00634bf1e974fc209d01ac0bb8a21a9cafaedc867975d4681e1bf7c4a7edba8c16c67fb334e0116cb3d58ef9b760339307f527f434a7c660
SSDEEP

3072:FyBpnpcufxKYM6++ct//47uJQ+xNIga/v5GycoOEPQfevM8K4Ec5C+O8:FCn3ZKEi//WuJlIga/hGycoOEPSe3EcF

Score

10^/10

guloader downloader

Static task

static1

Behavioral task

behavioral1

Sample

potwierdzenie wpłaty-021784.vbs

Resource

win7-20220812-en

guloader downloader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

potwierdzenie wpłaty-021784.vbs

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  potwierdzenie wpłaty-021784.vbs
- Size
  
  188KB
- MD5
  
  68551303b71795b507434b77679f5796
- SHA1
  
  c198cb2cc41fbb62e3993bbff7d5931403cab2ed
- SHA256
  
  261fd97d96d213ebbb0add61ced1a5e913389078a52d4bd1036203f16cd11981
- SHA512
  
  a33cbdb1d9a62b5f00634bf1e974fc209d01ac0bb8a21a9cafaedc867975d4681e1bf7c4a7edba8c16c67fb334e0116cb3d58ef9b760339307f527f434a7c660
- SSDEEP
  
  3072:FyBpnpcufxKYM6++ct//47uJQ+xNIga/v5GycoOEPQfevM8K4Ec5C+O8:FCn3ZKEi//WuJlIga/hGycoOEPSe3EcF
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

© 2018-2025

Terms | Privacy