Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

bad16d4dcbc47d1b5b928abb2f95fd8bb71d7cca98b399caaa04c80c401e354c
Size

72KB
Sample

230129-v988wafg83
MD5

87e6649598a86f3d1b1191dda3d901e5
SHA1

30b40a5fbc4b7734966bbef5290586fcaad3d933
SHA256

bad16d4dcbc47d1b5b928abb2f95fd8bb71d7cca98b399caaa04c80c401e354c
SHA512

c1cd27782e1ffe2a94fed1e617ae11ae281dc988df1ac29a0093fac019fe3590df55bff450951ce91dd996004a32689c605eac0780ad43d463b64b48110767bd
SSDEEP

1536:WD+FE3ivMhqsL6VezPCcQM8y0OxYsYu9wWD:WCFE3ivMgsuVqPCcQM8y0CYsIW

Score

10^/10

guloader downloader guloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1vEJYlGXKpzVADVAgIBq9nEQBYZ_hkEq_

xor.base64

Targets

- Target
  
  bad16d4dcbc47d1b5b928abb2f95fd8bb71d7cca98b399caaa04c80c401e354c
- Size
  
  72KB
- MD5
  
  87e6649598a86f3d1b1191dda3d901e5
- SHA1
  
  30b40a5fbc4b7734966bbef5290586fcaad3d933
- SHA256
  
  bad16d4dcbc47d1b5b928abb2f95fd8bb71d7cca98b399caaa04c80c401e354c
- SHA512
  
  c1cd27782e1ffe2a94fed1e617ae11ae281dc988df1ac29a0093fac019fe3590df55bff450951ce91dd996004a32689c605eac0780ad43d463b64b48110767bd
- SSDEEP
  
  1536:WD+FE3ivMhqsL6VezPCcQM8y0OxYsYu9wWD:WCFE3ivMgsuVqPCcQM8y0CYsIW
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader