Overview

overview

10

Static

static

doc0074632...43.vbs

windows7-x64

10

doc0074632...43.vbs

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    doc00746320230130110943.vbs

  • Size

    386KB

  • Sample

    230202-nlk3tahh6v

  • MD5

    d4de69bc6952a5eac2b4fed37a586546

  • SHA1

    98337241c6c5eaab7e0f12106caecf0cd0847d1b

  • SHA256

    d0310ed71a8ca1cba5be60d1d4350efc975caa8763eb7985ae0d9c734dce7469

  • SHA512

    231b56ed4d6d48ca0293fd652bb38c8ff1d1bf100ad53fb66f1b9248ff46effe575f361bb4cf139f3eb19c37c65af77ccfc4397b85e1fa851f5350628134f0c3

  • SSDEEP

    6144:b8D7TBEY7dDgmk9WY16LydLA62p+9a2mRd5BmH5fw8BMK3IC0gUvEQgZIqLT:b8D7T50mksWVA2S1m54wIJsiWT

Score
10/10
guloaderdownloader

Malware Config

Targets

    • Target

      doc00746320230130110943.vbs

    • Size

      386KB

    • MD5

      d4de69bc6952a5eac2b4fed37a586546

    • SHA1

      98337241c6c5eaab7e0f12106caecf0cd0847d1b

    • SHA256

      d0310ed71a8ca1cba5be60d1d4350efc975caa8763eb7985ae0d9c734dce7469

    • SHA512

      231b56ed4d6d48ca0293fd652bb38c8ff1d1bf100ad53fb66f1b9248ff46effe575f361bb4cf139f3eb19c37c65af77ccfc4397b85e1fa851f5350628134f0c3

    • SSDEEP

      6144:b8D7TBEY7dDgmk9WY16LydLA62p+9a2mRd5BmH5fw8BMK3IC0gUvEQgZIqLT:b8D7T50mksWVA2S1m54wIJsiWT

    Score
    10/10
    guloaderdownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks