guloader | d6cca13aa864e7fb973e2368574b4407794af1e8c744056aa763d40c16dbe4cb | Triage

Sharing

General

Target

d6cca13aa864e7fb973e2368574b4407794af1e8c744056aa763d40c16dbe4cb
Size

908KB
Sample

230206-nwfabadg24
MD5

d36c6a744592b03820482ba99b2216fa
SHA1

911c42ca67b3d82c9300d65bc80d7a367fb99f98
SHA256

d6cca13aa864e7fb973e2368574b4407794af1e8c744056aa763d40c16dbe4cb
SHA512

ab90d28ce2948aea578b9b37e1ce732855945dae92a315472738616eebcfd87c7fe5411627ddf602cf6b0b650ca66485f10584a2ba3f9c70e59215fee99b0806
SSDEEP

12288:Knby4m2z2OppNHITNQjVSK1QXDT1dGZVhjcIAFdkC2akBNowmj8r:Wy4m2iOpzHU+MOQzmVhjc7rQaUNowmj2

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  d6cca13aa864e7fb973e2368574b4407794af1e8c744056aa763d40c16dbe4cb
- Size
  
  908KB
- MD5
  
  d36c6a744592b03820482ba99b2216fa
- SHA1
  
  911c42ca67b3d82c9300d65bc80d7a367fb99f98
- SHA256
  
  d6cca13aa864e7fb973e2368574b4407794af1e8c744056aa763d40c16dbe4cb
- SHA512
  
  ab90d28ce2948aea578b9b37e1ce732855945dae92a315472738616eebcfd87c7fe5411627ddf602cf6b0b650ca66485f10584a2ba3f9c70e59215fee99b0806
- SSDEEP
  
  12288:Knby4m2z2OppNHITNQjVSK1QXDT1dGZVhjcIAFdkC2akBNowmj8r:Wy4m2iOpzHU+MOQzmVhjc7rQaUNowmj2
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

guloaderdownloader

behavioral2