guloader | a81076c506153d7ad7ea9e20b73f4d5266ea457a7af35beb437fbf22160c23a5 | Triage

Sharing

General

Target

R_018996_GRUPO+OCLEM_RCL181378_SEPTEMBER_2022.rar
Size

273KB
Sample

221013-ty8brsdce5
MD5

0cddada6c170c4fb5dd959c0e78159be
SHA1

5e4d9c15d6f0fdb9dbece573c9b8c843a19c52a0
SHA256

a81076c506153d7ad7ea9e20b73f4d5266ea457a7af35beb437fbf22160c23a5
SHA512

8b0978533b09ae3e18e652158679abe339fcb5a1103b9ad485257278cb1f1adca86c1e6a4798bdd2cd4754d1eadd2bcb697cd0ab00d640513a67f3c8ee9d5131
SSDEEP

6144:ieMz027ZcMRDxRULP8cT8eakNHrCjvjSD+L0BI8jUha3iQ1OhHR:iPyM9eP8c4XkNHrWvOI4wM3BW

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  R_018996_GRUPO OCLEM_RCL181378_SEPTEMBER_2022.exe
- Size
  
  597KB
- MD5
  
  6a43f35b77a44c42cb33927c4f08797a
- SHA1
  
  0e7d1c52bc14ec2f95c1ef095f565091ace2f1b5
- SHA256
  
  8d9fec419d0893e5b2e6a2f1fbbc70102be16b2aa5fbe3708401d2ee52ab62e9
- SHA512
  
  0d8b3c48c65303ea0bec74a907b85b8bcfdbd8765ef9b3cf33ca0a43d09a17ed0d488d1de3a65b22aede229eead5c84a018a19494434ee7ba1bc4992b0021da8
- SSDEEP
  
  6144:KQA4zfgMigGBfCppM2mxlkxYylRgajBLkjje2zZG9msXoStVb74gW:ecc6TM2mxSjlRb8Hz4Azs6
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdownloader