guloader | 0fc8307b316ff466d245543fce76b0d1f0860194a74528c325c368b8747d8ed9 | Triage

Sharing

General

Target

0fc8307b316ff466d245543fce76b0d1f0860194a74528c325c368b8747d8ed9
Size

601KB
Sample

221207-etv4bade27
MD5

65883ffa8507c9cc8d7e3e1639de5a4f
SHA1

2973b7e6f12e041723f18b291265384f42b92714
SHA256

0fc8307b316ff466d245543fce76b0d1f0860194a74528c325c368b8747d8ed9
SHA512

f10009afdcf4575d026b64c1486c64f5490654aae93ea5983412e7d0f0ffdc077622e76d9a50d5939e90bd606c4b141de6b53ac6d355a8f20fb807e6fe1c4dc8
SSDEEP

12288:yYUb3oY+SZJjLw8bqN5jLbKAdBf3k6kukmChRfSS0e:yYUb3oYbJj0zN5jLbKm3xkughRaxe

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  0fc8307b316ff466d245543fce76b0d1f0860194a74528c325c368b8747d8ed9
- Size
  
  601KB
- MD5
  
  65883ffa8507c9cc8d7e3e1639de5a4f
- SHA1
  
  2973b7e6f12e041723f18b291265384f42b92714
- SHA256
  
  0fc8307b316ff466d245543fce76b0d1f0860194a74528c325c368b8747d8ed9
- SHA512
  
  f10009afdcf4575d026b64c1486c64f5490654aae93ea5983412e7d0f0ffdc077622e76d9a50d5939e90bd606c4b141de6b53ac6d355a8f20fb807e6fe1c4dc8
- SSDEEP
  
  12288:yYUb3oY+SZJjLw8bqN5jLbKAdBf3k6kukmChRfSS0e:yYUb3oYbJj0zN5jLbKm3xkughRaxe
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2