Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

085f074477fc21d7ff8d79377a049772be5a6ac3ff44a2bba706a05c8c90aefb
Size

68KB
Sample

230129-1t79jafg81
MD5

83c14a66b24119744113c9b6e5b8803d
SHA1

4a1c5058f99a63f4b9ae54a1fbde37830a7bc736
SHA256

085f074477fc21d7ff8d79377a049772be5a6ac3ff44a2bba706a05c8c90aefb
SHA512

2013cb9b6cbb3cd04f5141b456437fffb2b10f5a43c05f79739b956655ad5508a418c7e912a3c1e33ac2c4081fbddfcb70309fd67e658b86a39278ccc14c116a
SSDEEP

768:ZKwUy2YNMz+jd9N3gPXylbgRqd0KwrbFTmMcgQNrN6aUJT1nwPdu06BLIwObEIg:cwBjeaDZoKwrbFqHN6aUPS9b0

Score

10^/10

guloader downloader guloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1QFtP4O3h15SCAenwyvIgbYE8H071KTE8

xor.base64

Targets

- Target
  
  085f074477fc21d7ff8d79377a049772be5a6ac3ff44a2bba706a05c8c90aefb
- Size
  
  68KB
- MD5
  
  83c14a66b24119744113c9b6e5b8803d
- SHA1
  
  4a1c5058f99a63f4b9ae54a1fbde37830a7bc736
- SHA256
  
  085f074477fc21d7ff8d79377a049772be5a6ac3ff44a2bba706a05c8c90aefb
- SHA512
  
  2013cb9b6cbb3cd04f5141b456437fffb2b10f5a43c05f79739b956655ad5508a418c7e912a3c1e33ac2c4081fbddfcb70309fd67e658b86a39278ccc14c116a
- SSDEEP
  
  768:ZKwUy2YNMz+jd9N3gPXylbgRqd0KwrbFTmMcgQNrN6aUJT1nwPdu06BLIwObEIg:cwBjeaDZoKwrbFqHN6aUPS9b0
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader