guloader | d81a38771f5d2a7fa9aa2d6e437cb191f632541ef600c2f48ca23d204497ed3f | Triage

Sharing

General

Target

f55bd0e8-7c4e-1e2b-7fb8-d7a9f5fa38ad.eml
Size

696KB
Sample

230208-hx9mnahe77
MD5

734ec80106a476f07b4e2ff8f8137e8c
SHA1

bb80f555c99433db18ff9347de26f8b4682020cf
SHA256

d81a38771f5d2a7fa9aa2d6e437cb191f632541ef600c2f48ca23d204497ed3f
SHA512

bcc901cae1eca58ba128c1e538abd214f1c3be4db85e2cd459075a08a18467764643a2bff1937354e1e8dc9cb765b45c2188330a5e1ef4adc4c90f2177bf4b86
SSDEEP

12288:I6ixXGLsSfCJM79xGMjqCeIkfsWAae6vTZG4AZ+428Tjnq5+b3SmgUqU15nFh:kgCiRNjqCqfsWAae69tp55HknFh

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  200333852-042536-sanlccjavap0004-4332.pdf.exe
- Size
  
  590KB
- MD5
  
  e1f1c869069a506fbba24fe57af294d1
- SHA1
  
  402cfe8ce3c76bc658bbdcc503e8b91d841c33b8
- SHA256
  
  d8933e7d6e91c53200c334528a935434d1b0e2ce2286e9842e75911ea832b8c7
- SHA512
  
  15e6124c598b5280fa1c69ca2a115aa27420477d5de7b95a0db20abb64bea3a587424da5c54b6d8dbedf7ccdf7a7d26b529e57f5fad34f3bfb4152a23b55bd41
- SSDEEP
  
  12288:tgL+rDzX8+uSoJF6qmq+biBie2VlBvt4bgjoS9nOu2prh:M2ESofoqCDfnIooS9nL2pt
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

guloaderdownloader

behavioral2