Overview

overview

10

Static

static

1

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4d8ac151bd6c926e7cc5f2fd53ea6acba4903f10f33d3847f6e0df7bfc5da5fc

  • Size

    344KB

  • Sample

    230208-cwwfragg92

  • MD5

    ffe76f22d3b15e10e2316d86d83f91bd

  • SHA1

    d1c1ea00a48a678ca5266b7b09958f7a1a1f8e6f

  • SHA256

    4d8ac151bd6c926e7cc5f2fd53ea6acba4903f10f33d3847f6e0df7bfc5da5fc

  • SHA512

    fdf5be51fba93427e9c21580a50f671b7c15bb4bf08d48e69490bd98ccdbb2ff10c1197a05e19bd229e3ab6a44241f0c84696ee96b212ba35a5c48a1d88ca1a2

  • SSDEEP

    6144:592uKNAHw1pOuKsaiAlagnR10EfUptK28Mp9OhTv1y6FHUic1xQzhJ80w8jfnNOC:TK0ODKBnaWRiEF28WOhTv1p96IzhG0zV

Score
10/10
guloaderdownloader

Malware Config

Targets

    • Target

      4d8ac151bd6c926e7cc5f2fd53ea6acba4903f10f33d3847f6e0df7bfc5da5fc

    • Size

      344KB

    • MD5

      ffe76f22d3b15e10e2316d86d83f91bd

    • SHA1

      d1c1ea00a48a678ca5266b7b09958f7a1a1f8e6f

    • SHA256

      4d8ac151bd6c926e7cc5f2fd53ea6acba4903f10f33d3847f6e0df7bfc5da5fc

    • SHA512

      fdf5be51fba93427e9c21580a50f671b7c15bb4bf08d48e69490bd98ccdbb2ff10c1197a05e19bd229e3ab6a44241f0c84696ee96b212ba35a5c48a1d88ca1a2

    • SSDEEP

      6144:592uKNAHw1pOuKsaiAlagnR10EfUptK28Mp9OhTv1y6FHUic1xQzhJ80w8jfnNOC:TK0ODKBnaWRiEF28WOhTv1p96IzhG0zV

    Score
    10/10
    guloaderdownloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks