Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

doc00746320230130110943.vbs
Size

386KB
Sample

230202-nlk3tahh6v
MD5

d4de69bc6952a5eac2b4fed37a586546
SHA1

98337241c6c5eaab7e0f12106caecf0cd0847d1b
SHA256

d0310ed71a8ca1cba5be60d1d4350efc975caa8763eb7985ae0d9c734dce7469
SHA512

231b56ed4d6d48ca0293fd652bb38c8ff1d1bf100ad53fb66f1b9248ff46effe575f361bb4cf139f3eb19c37c65af77ccfc4397b85e1fa851f5350628134f0c3
SSDEEP

6144:b8D7TBEY7dDgmk9WY16LydLA62p+9a2mRd5BmH5fw8BMK3IC0gUvEQgZIqLT:b8D7T50mksWVA2S1m54wIJsiWT

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  doc00746320230130110943.vbs
- Size
  
  386KB
- MD5
  
  d4de69bc6952a5eac2b4fed37a586546
- SHA1
  
  98337241c6c5eaab7e0f12106caecf0cd0847d1b
- SHA256
  
  d0310ed71a8ca1cba5be60d1d4350efc975caa8763eb7985ae0d9c734dce7469
- SHA512
  
  231b56ed4d6d48ca0293fd652bb38c8ff1d1bf100ad53fb66f1b9248ff46effe575f361bb4cf139f3eb19c37c65af77ccfc4397b85e1fa851f5350628134f0c3
- SSDEEP
  
  6144:b8D7TBEY7dDgmk9WY16LydLA62p+9a2mRd5BmH5fw8BMK3IC0gUvEQgZIqLT:b8D7T50mksWVA2S1m54wIJsiWT
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

guloaderdownloader

behavioral2