Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

958521575f39a02c9b3392e6165cd345d70364cd93d0e080f3f6b6fa3db4936d
Size

128KB
Sample

230129-1t9scsed56
MD5

2e21d4608f3a76c51e9ae57b04197737
SHA1

d8b7d2b2857ee07b512a29da5062616a5846f805
SHA256

958521575f39a02c9b3392e6165cd345d70364cd93d0e080f3f6b6fa3db4936d
SHA512

b77e9ea93611295b5ce29cf1a6bcdd8cdda29a03d5c67de1de5f1766ba8365c1901d87c827435859380fb34799bf2f0941a19ed964cc09e9b2a5e6b7265547b7
SSDEEP

3072:6pTSnUpuMZu+IeOFd8Er1NizJ+DZNJ+I:cSnUhhOFd8Er1NizJk

Score

10^/10

guloader downloader guloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1ArGHlkiCQW6Ppt3Uw5cPS76717BetDXa

xor.base64

Targets

- Target
  
  958521575f39a02c9b3392e6165cd345d70364cd93d0e080f3f6b6fa3db4936d
- Size
  
  128KB
- MD5
  
  2e21d4608f3a76c51e9ae57b04197737
- SHA1
  
  d8b7d2b2857ee07b512a29da5062616a5846f805
- SHA256
  
  958521575f39a02c9b3392e6165cd345d70364cd93d0e080f3f6b6fa3db4936d
- SHA512
  
  b77e9ea93611295b5ce29cf1a6bcdd8cdda29a03d5c67de1de5f1766ba8365c1901d87c827435859380fb34799bf2f0941a19ed964cc09e9b2a5e6b7265547b7
- SSDEEP
  
  3072:6pTSnUpuMZu+IeOFd8Er1NizJ+DZNJ+I:cSnUhhOFd8Er1NizJk
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader