guloader | e7a3e086273fe64376d56f728f4b0a8a48d1725e85bb2ae5ec6b3064a5ba2169 | Triage

Sharing

General

Target

230202-l17t1shf6x_pw_infected.zip
Size

204KB
Sample

230202-l92dlahf8v
MD5

742f48459a719722f2b1b9e610162048
SHA1

bf5295f4f08a4f7a983d714e1b5f1663a4e61565
SHA256

e7a3e086273fe64376d56f728f4b0a8a48d1725e85bb2ae5ec6b3064a5ba2169
SHA512

dd0ac58f9747ac00edc14a518803d59a1044b9ea3f3721c4be4a83fbfb93eefed9b28cb2f210e07cc390a164c14b685b68d8bebdcc75850b542d13c0e2854100
SSDEEP

6144:Zllo6MJkmdfen9U2SsXeMw6xAmcBBA6LCYEX:Zvsk5uZmKJCYU

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  Facturas Pagadas al Vencimiento.PDF.vbs
- Size
  
  323KB
- MD5
  
  a2b0e27953e18f84f131b68845ae040a
- SHA1
  
  4958961105a49b0898713976208333fffcc2b3f0
- SHA256
  
  64ceea761d30bc6d34cfca690e12bb3397756598b684b28446d3c7767f0468ec
- SHA512
  
  3b834efbea8a68eeecb7ad3ed5f9f5913ceba3014a1459b3c9b3298134888d3d9ee5b7ae451a07590bf18649a8f793081da8ef5bf9be693448f2b8dd6c6f9943
- SSDEEP
  
  6144:x+K5nT4YLJ+5GMT2O9L+qEik6G0yzwLE9yjd4fX+RlMx7s9fOuRKYb2:x+LYLJ+AMuh6Gd8EkjdIX+3Mx7DucYb2
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdownloader