guloader | 949b414a9516e4746044c40c3eceb7f74fcedd46455c6797a9b3f79e0d57dcf1 | Triage

Sharing

General

Target

949b414a9516e4746044c40c3eceb7f74fcedd46455c6797a9b3f79e0d57dcf1
Size

96KB
Sample

230129-tte5eseh4y
MD5

e58dc1160ff26daddcdc2e8c58d28f34
SHA1

2f98d5c82ccb9a50ab7d1ba03f5044370499d1d9
SHA256

949b414a9516e4746044c40c3eceb7f74fcedd46455c6797a9b3f79e0d57dcf1
SHA512

65018b3311ba25bc00dea6e4a1bffbc97538d06f14a4bf1be0e92031e977e22b9df09c08f17c9a5ce1d43397d2fdc4bc434eb26c6839f2c7e2a2d9f4b7ae6c63
SSDEEP

1536:Ik/p3GEnxggU4dMYzJg/QmDRYBZ2L3e3UTL1L/tz10p3GEnx:I53YdgF/30wT

Score

10^/10

guloader downloader

Malware Config

Extracted

Family

guloader

C2

http://mtspsmjeli.sch.id/cl/XP_remcos%202021_HzUYr10.bin

xor.base64

Targets

- Target
  
  949b414a9516e4746044c40c3eceb7f74fcedd46455c6797a9b3f79e0d57dcf1
- Size
  
  96KB
- MD5
  
  e58dc1160ff26daddcdc2e8c58d28f34
- SHA1
  
  2f98d5c82ccb9a50ab7d1ba03f5044370499d1d9
- SHA256
  
  949b414a9516e4746044c40c3eceb7f74fcedd46455c6797a9b3f79e0d57dcf1
- SHA512
  
  65018b3311ba25bc00dea6e4a1bffbc97538d06f14a4bf1be0e92031e977e22b9df09c08f17c9a5ce1d43397d2fdc4bc434eb26c6839f2c7e2a2d9f4b7ae6c63
- SSDEEP
  
  1536:Ik/p3GEnxggU4dMYzJg/QmDRYBZ2L3e3UTL1L/tz10p3GEnx:I53YdgF/30wT
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader