guloader | ea05f1dffbae363bb1091cacbcb370f910108358c7033d9868750e7bd7090323 | Triage

Submit
Reports

Overview

overview

Static

static

INOTEC_2.exe

windows7-x64

7

INOTEC_2.exe

windows10-2004-x64

Sharing

General

Target

INOTEC-220905-Q166639.IMG
Size

1.2MB
Sample

221205-jqdgbaea3s
MD5

ad1e17e8fb0b209f9ec9e5076d3c9d91
SHA1

47c6773bc62ffa84ae657ed2392eecef52020a1a
SHA256

ea05f1dffbae363bb1091cacbcb370f910108358c7033d9868750e7bd7090323
SHA512

d2bc13d4eedbd590846f4b11ec84aae62af704e5cc0017c1731ff80f703ab26299d3575d5517ef1426487b792ed4e50ecfc29f9f56090022a39a178aeab0240e
SSDEEP

12288:HTB5cSsUi3HHHHHHHHDHHHHHBTBjSHkdn:HTBkhFdjAI

Score

10^/10

guloader downloader

Static task

static1

Behavioral task

behavioral1

Sample

INOTEC_2.exe

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

INOTEC_2.exe

Resource

win10v2004-20220812-en

guloader downloader

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  INOTEC_2.EXE
- Size
  
  169KB
- MD5
  
  8ff7c96b2218d2400901e8417c7c6a12
- SHA1
  
  5067b6768d44ddd4b8690d736e898e1110812101
- SHA256
  
  a448010df285f59fb02b73a897724240329fa6cf75e2f3a71ff4ecf47d441743
- SHA512
  
  e9802a109ba2d7871550a66f0c71c38ee7e51fb02924dccea21317c85db7a59b938b4a7043f0c21ada57320794c8c4cc4a649d6b5667832f127ca1b8487f1757
- SSDEEP
  
  3072:UNRCywDw1DiJkugfBcOzEpMjslWGll1WllWUi6MHHHHHHHHDHHHHHY6TfBNIOj/6:UT4Dtc5cGnjsUi3HHHHHHHHDHHHHH1bo
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdownloader

© 2018-2024

Terms | Privacy