guloader | af85d8000015b759cb9a92855ae9e30d627a774144439e9649eb58922d8c0105 | Triage

Sharing

General

Target

af85d8000015b759cb9a92855ae9e30d627a774144439e9649eb58922d8c0105
Size

60KB
Sample

230129-srsgascb94
MD5

e9077d1ffd31f7b5d3ef5dbddf660a11
SHA1

afffda4d3b5d35cfa931419992224d5ee55ca66b
SHA256

af85d8000015b759cb9a92855ae9e30d627a774144439e9649eb58922d8c0105
SHA512

4f1c673d76672dd8b3d53dabc501ca0cb5d8ebb0ce39cee730461a539a0e32c10837f70fabc2031502429c467d3caba6cd9cbf6566c83b58f21e7f010ed037d8
SSDEEP

768:e2KgmR8m4t4Ey8e/artl92ig9Pk0DV5Ajf37M7ag380rr9woAMCj3SiXS8gb:0REt41/iT92ig9MkVM37EaMp9yx

Score

10^/10

guloader downloader

Malware Config

Extracted

Family

guloader

C2

https://cervmp.cl/dstu_qnXdbri105.bin

xor.base64

Targets

- Target
  
  af85d8000015b759cb9a92855ae9e30d627a774144439e9649eb58922d8c0105
- Size
  
  60KB
- MD5
  
  e9077d1ffd31f7b5d3ef5dbddf660a11
- SHA1
  
  afffda4d3b5d35cfa931419992224d5ee55ca66b
- SHA256
  
  af85d8000015b759cb9a92855ae9e30d627a774144439e9649eb58922d8c0105
- SHA512
  
  4f1c673d76672dd8b3d53dabc501ca0cb5d8ebb0ce39cee730461a539a0e32c10837f70fabc2031502429c467d3caba6cd9cbf6566c83b58f21e7f010ed037d8
- SSDEEP
  
  768:e2KgmR8m4t4Ey8e/artl92ig9Pk0DV5Ajf37M7ag380rr9woAMCj3SiXS8gb:0REt41/iT92ig9MkVM37EaMp9yx
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader