guloader | 233640b77bcb1840df2bfa81425197bba0cf97bec7eda35a2c46b314840faa8d | Triage

Sharing

General

Target

INVO-0987654345678.exe
Size

343KB
Sample

220928-hdggrsgcgl
MD5

31fca943db091aa420cc11194740190f
SHA1

5935496311ca99c83ea08bdf6294997163502e70
SHA256

233640b77bcb1840df2bfa81425197bba0cf97bec7eda35a2c46b314840faa8d
SHA512

a2f5507c78d475146f827c6f5d80231c506e462dff4453809afde9e542cb8541eb1bde2c59b8f6e2f0f043e9eed2f6f8cc6212959bc23c5b15c2074182e3dd75
SSDEEP

3072:q1T//IHWyWJADJuLxh0VqBoU3LAzPbbUAR2YOTJdJtuyKFQNNCg7XneldEsznxg:8//I2y34WVqB0DLrOTbuyKSCAneld7m

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  INVO-0987654345678.exe
- Size
  
  343KB
- MD5
  
  31fca943db091aa420cc11194740190f
- SHA1
  
  5935496311ca99c83ea08bdf6294997163502e70
- SHA256
  
  233640b77bcb1840df2bfa81425197bba0cf97bec7eda35a2c46b314840faa8d
- SHA512
  
  a2f5507c78d475146f827c6f5d80231c506e462dff4453809afde9e542cb8541eb1bde2c59b8f6e2f0f043e9eed2f6f8cc6212959bc23c5b15c2074182e3dd75
- SSDEEP
  
  3072:q1T//IHWyWJADJuLxh0VqBoU3LAzPbbUAR2YOTJdJtuyKFQNNCg7XneldEsznxg:8//I2y34WVqB0DLrOTbuyKSCAneld7m
Score

10^/10

discovery guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdiscoverydownloader