guloader | 6bf5c3ab025b9c8e202dc5e5788e2f45c5f38be0a4996dae94d5a297dfb247fb | Triage

Sharing

General

Target

SecuriteInfo.com.Variant.Tedy.213871.21958.4510.exe
Size

171KB
Sample

220929-qykc6abad2
MD5

033552f5ab88901665fa7cd7fd0745a2
SHA1

30b265af33a3c1a0dcf86a3a3c82ded699c1350c
SHA256

6bf5c3ab025b9c8e202dc5e5788e2f45c5f38be0a4996dae94d5a297dfb247fb
SHA512

52242481d9209f395e207b2daeb168d9daebbc2756e622ef56b9bac663f8b482ac268febaa9c0356cbdd28d5347bb994ac207f6dfe35c96c4f35510ddc3780c6
SSDEEP

3072:EcL0bUTppDAYzItWo4ugABedHM9WaM+uf4zeeqjwa28Z45NR59d78nMEZfSH:ubUTp16fR2aM+uAzUjwa28y5NRx612

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Variant.Tedy.213871.21958.4510.exe
- Size
  
  171KB
- MD5
  
  033552f5ab88901665fa7cd7fd0745a2
- SHA1
  
  30b265af33a3c1a0dcf86a3a3c82ded699c1350c
- SHA256
  
  6bf5c3ab025b9c8e202dc5e5788e2f45c5f38be0a4996dae94d5a297dfb247fb
- SHA512
  
  52242481d9209f395e207b2daeb168d9daebbc2756e622ef56b9bac663f8b482ac268febaa9c0356cbdd28d5347bb994ac207f6dfe35c96c4f35510ddc3780c6
- SSDEEP
  
  3072:EcL0bUTppDAYzItWo4ugABedHM9WaM+uf4zeeqjwa28Z45NR59d78nMEZfSH:ubUTp16fR2aM+uAzUjwa28y5NRx612
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader