Overview

overview

10

Static

static

b0d8884661...4a.exe

windows7-x64

10

b0d8884661...4a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b0d88846614ad702392ab9d22b7e404159c663a861f8137c3e5aab433a5df74a

  • Size

    123KB

  • Sample

    230127-kfpx2aaa63

  • MD5

    60b711f18a8e00964584e018cdf7cbf1

  • SHA1

    98c0201d83cfceb4cde69cef351b49b3415ef9fb

  • SHA256

    b0d88846614ad702392ab9d22b7e404159c663a861f8137c3e5aab433a5df74a

  • SHA512

    cafe00054883217d6106010d4e28c060d6a53270699db16314f39894bf1bec3c6e79fdde93a5979330ae706b0c01cb64b16633dd6d820e84768d7b9b4542d8f3

  • SSDEEP

    3072:WuxVUg3yGDRb8lc7uRh4X24XscoffenET8lIbPzXt:JgORaBhE24Xkf2E3Pz9

Score
10/10
guloaderdiscoverydownloader

Malware Config

Targets

    • Target

      b0d88846614ad702392ab9d22b7e404159c663a861f8137c3e5aab433a5df74a

    • Size

      123KB

    • MD5

      60b711f18a8e00964584e018cdf7cbf1

    • SHA1

      98c0201d83cfceb4cde69cef351b49b3415ef9fb

    • SHA256

      b0d88846614ad702392ab9d22b7e404159c663a861f8137c3e5aab433a5df74a

    • SHA512

      cafe00054883217d6106010d4e28c060d6a53270699db16314f39894bf1bec3c6e79fdde93a5979330ae706b0c01cb64b16633dd6d820e84768d7b9b4542d8f3

    • SSDEEP

      3072:WuxVUg3yGDRb8lc7uRh4X24XscoffenET8lIbPzXt:JgORaBhE24Xkf2E3Pz9

    Score
    10/10
    guloaderdiscoverydownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks