guloader | 0cc21ba4d789154cd3bdacca60974bfbec231520173d2059f55a42b9e21a6265 | Triage

Sharing

General

Target

Appendix 2_Technical_Specification.exe
Size

215KB
Sample

221223-qs3bsabf7y
MD5

a5abfbcff463b0fc998b2a649827483d
SHA1

e224f0196ff0f40e3a85bed640e336b959155cad
SHA256

0cc21ba4d789154cd3bdacca60974bfbec231520173d2059f55a42b9e21a6265
SHA512

bb5d6e96ef30517ed76a4bc8f92cf17c695b8c4288a65d6d2d51b9f89fdc2ab0ed78205b887812752a35a45e86e9cd5f597de12636c3741b84f91967be192242
SSDEEP

3072:Ns77w1OlWUt1ukBbuDhN18zbPa3sT7oAKXuF6zey4eczPPnOuiMiK7X+5g1NPVJn:emOPHA9UIW7fdUTCXns87XIg1dXrIcQY

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  Appendix 2_Technical_Specification.exe
- Size
  
  215KB
- MD5
  
  a5abfbcff463b0fc998b2a649827483d
- SHA1
  
  e224f0196ff0f40e3a85bed640e336b959155cad
- SHA256
  
  0cc21ba4d789154cd3bdacca60974bfbec231520173d2059f55a42b9e21a6265
- SHA512
  
  bb5d6e96ef30517ed76a4bc8f92cf17c695b8c4288a65d6d2d51b9f89fdc2ab0ed78205b887812752a35a45e86e9cd5f597de12636c3741b84f91967be192242
- SSDEEP
  
  3072:Ns77w1OlWUt1ukBbuDhN18zbPa3sT7oAKXuF6zey4eczPPnOuiMiK7X+5g1NPVJn:emOPHA9UIW7fdUTCXns87XIg1dXrIcQY
Score

10^/10

discovery guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdiscoverydownloader