guloader | c7db6e155ac962033e49e10f6578d9d13dd7a81823a248fd1cbf90310fae9b70 | Triage

Sharing

General

Target

c7db6e155ac962033e49e10f6578d9d13dd7a81823a248fd1cbf90310fae9b70
Size

590KB
Sample

221207-et4qfsde44
MD5

46b340246f25b395df2e16f381384ca5
SHA1

9723536e6befabff8e709d950effc562321c9fa9
SHA256

c7db6e155ac962033e49e10f6578d9d13dd7a81823a248fd1cbf90310fae9b70
SHA512

e789d7a138ae8404794f6e6489a7006e08269b653342a5f537fe7f09ddd92f9fffc8a0baae6ac0ef3ef6f15b8568731e63e569d38fbf2ce42b30f153cfe28a69
SSDEEP

6144:rbE/HUUruEmIHsVsoxBfFQbVT90k9Qm927mrBmnX82KdAzPbkObVSieJ+z2ZGzfV:rbfmwFpoQm92qulKdAzz7ZffGj7PYmc

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  c7db6e155ac962033e49e10f6578d9d13dd7a81823a248fd1cbf90310fae9b70
- Size
  
  590KB
- MD5
  
  46b340246f25b395df2e16f381384ca5
- SHA1
  
  9723536e6befabff8e709d950effc562321c9fa9
- SHA256
  
  c7db6e155ac962033e49e10f6578d9d13dd7a81823a248fd1cbf90310fae9b70
- SHA512
  
  e789d7a138ae8404794f6e6489a7006e08269b653342a5f537fe7f09ddd92f9fffc8a0baae6ac0ef3ef6f15b8568731e63e569d38fbf2ce42b30f153cfe28a69
- SSDEEP
  
  6144:rbE/HUUruEmIHsVsoxBfFQbVT90k9Qm927mrBmnX82KdAzPbkObVSieJ+z2ZGzfV:rbfmwFpoQm92qulKdAzz7ZffGj7PYmc
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader