guloader | 87295ae2b5ddbe35428c1f02a019bf9ec377e861fb9a3f687324980441055df3 | Triage

Sharing

General

Target

Quantitativeness.exe
Size

243KB
Sample

221018-rey8msgcgr
MD5

75bc6cd388e887a4d3407a4a9b423c1f
SHA1

0d880b57e21cf6858093654ee4ff7d576d63f44c
SHA256

87295ae2b5ddbe35428c1f02a019bf9ec377e861fb9a3f687324980441055df3
SHA512

55c50c430684bdcbcded282226755342f9b1b77c370dc1a39fc23da19e4dee2395ff022d6aac317c98ef3cfff412a4bc261cd4db61445afcccf5fe340631409b
SSDEEP

3072:/TJ4TJdRVDZ6Lt+uZnaC2MVzQC7ql5v8NBjsSzi6h8XFhSLj8fyhUnPYUkiWYLoL:/VGdx6xa6h8Xly6AUkfVJRpOK3TPJTZl

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  Quantitativeness.exe
- Size
  
  243KB
- MD5
  
  75bc6cd388e887a4d3407a4a9b423c1f
- SHA1
  
  0d880b57e21cf6858093654ee4ff7d576d63f44c
- SHA256
  
  87295ae2b5ddbe35428c1f02a019bf9ec377e861fb9a3f687324980441055df3
- SHA512
  
  55c50c430684bdcbcded282226755342f9b1b77c370dc1a39fc23da19e4dee2395ff022d6aac317c98ef3cfff412a4bc261cd4db61445afcccf5fe340631409b
- SSDEEP
  
  3072:/TJ4TJdRVDZ6Lt+uZnaC2MVzQC7ql5v8NBjsSzi6h8XFhSLj8fyhUnPYUkiWYLoL:/VGdx6xa6h8Xly6AUkfVJRpOK3TPJTZl
Score

10^/10

discovery guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdownloader