Overview

overview

10

Static

static

f7748ac5b8...7e.vbs

windows7-x64

10

f7748ac5b8...7e.vbs

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f7748ac5b87db57d1d7fef3e21b2cb7c910a013489c47256594ab26e0a959b7e

  • Size

    339KB

  • Sample

    221221-lc8fmsca38

  • MD5

    6af7dfbc2f5a867f11b8adff1150b5ba

  • SHA1

    8e1d49a3856c57da40973102a96b892a31dee7f6

  • SHA256

    f7748ac5b87db57d1d7fef3e21b2cb7c910a013489c47256594ab26e0a959b7e

  • SHA512

    cd4ea26ffc7b60baf9d92ac64f02babec4a2d93a0bdb4d8d81d95888d83bb5183a8ba8e953fc5f3f264dbec4f239d4f4023825886be022503a6cfebc861ce1c7

  • SSDEEP

    6144:dACvjkhn6pTmKLnbMhZYAEwISL7+qhMRRGdIf5fjeIdnB:dAC+n8SKLnEyc7+sMkoB

Score
10/10
guloaderdownloader

Malware Config

Targets

    • Target

      f7748ac5b87db57d1d7fef3e21b2cb7c910a013489c47256594ab26e0a959b7e

    • Size

      339KB

    • MD5

      6af7dfbc2f5a867f11b8adff1150b5ba

    • SHA1

      8e1d49a3856c57da40973102a96b892a31dee7f6

    • SHA256

      f7748ac5b87db57d1d7fef3e21b2cb7c910a013489c47256594ab26e0a959b7e

    • SHA512

      cd4ea26ffc7b60baf9d92ac64f02babec4a2d93a0bdb4d8d81d95888d83bb5183a8ba8e953fc5f3f264dbec4f239d4f4023825886be022503a6cfebc861ce1c7

    • SSDEEP

      6144:dACvjkhn6pTmKLnbMhZYAEwISL7+qhMRRGdIf5fjeIdnB:dAC+n8SKLnEyc7+sMkoB

    Score
    10/10
    guloaderdownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks