guloader | 9f24c8aa143c08e781f1af679d50fd0b354b84f7d0aeb69dbe10a902dca5e02a | Triage

Sharing

General

Target

9f24c8aa143c08e781f1af679d50fd0b354b84f7d0aeb69dbe10a902dca5e02a
Size

401KB
Sample

221209-q7x1lsgb6y
MD5

3c2bd12f7b7bd7dce1356ee121390e59
SHA1

690d0ca0574f5ba2a3ec29ea1486b139b6c1444e
SHA256

9f24c8aa143c08e781f1af679d50fd0b354b84f7d0aeb69dbe10a902dca5e02a
SHA512

7a94e20f8813bf8ee86ebdde151b834e48eb2f40c7dbd2c5829f85d5a995a082d1ee3ed5dbc7a1ea3d1830ccd7b422e6d22a8bcd3ad6a34abf7fb144432ef128
SSDEEP

6144:wLsBN8xoIVidwra/vPrF5bQ5e9eAQIki+uC1szbhQqfP3OvPk:rBrL8AQIki+u5hJXOXk

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  9f24c8aa143c08e781f1af679d50fd0b354b84f7d0aeb69dbe10a902dca5e02a
- Size
  
  401KB
- MD5
  
  3c2bd12f7b7bd7dce1356ee121390e59
- SHA1
  
  690d0ca0574f5ba2a3ec29ea1486b139b6c1444e
- SHA256
  
  9f24c8aa143c08e781f1af679d50fd0b354b84f7d0aeb69dbe10a902dca5e02a
- SHA512
  
  7a94e20f8813bf8ee86ebdde151b834e48eb2f40c7dbd2c5829f85d5a995a082d1ee3ed5dbc7a1ea3d1830ccd7b422e6d22a8bcd3ad6a34abf7fb144432ef128
- SSDEEP
  
  6144:wLsBN8xoIVidwra/vPrF5bQ5e9eAQIki+uC1szbhQqfP3OvPk:rBrL8AQIki+u5hJXOXk
Score

10^/10

discovery guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdiscoverydownloader