guloader | 0bd777a0a6ec3b65f2d0d83658fc39568c24fcca48e15752c7bfe91eaf5702b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bd777a0a6ec3b65f2d0d83658fc39568c24fcca48e15752c7bfe91eaf5702b0
Size

100KB
Sample

230719-czl2gsfc87
MD5

1640146a0129c5de127c36da90662dbf
SHA1

a3a8e74b0adf9dd085dd306c8f8c066d5e7b5d2b
SHA256

0bd777a0a6ec3b65f2d0d83658fc39568c24fcca48e15752c7bfe91eaf5702b0
SHA512

a5e33a3570aa2d3c8673d5571dea4fd2e855dd76fc4ded844a0b559016159ba30f66cb943700011ad8ac6bf99626d135ea82ee9cea643d9da3211f1040579b1e
SSDEEP

1536:sAioou2tSBG5BF6ttUeO+85oeD22Kkf24lH:0u2ICQttU9Fuq22hf2G

Score

10^/10

guloader downloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1Yn_pYd8pizTAMgh2NIGAMKhfxhdFMplB

https://yorgeatransport.com/dstu_QRCyfX28.bin

xor.base64

Targets

- Target
  
  0bd777a0a6ec3b65f2d0d83658fc39568c24fcca48e15752c7bfe91eaf5702b0
- Size
  
  100KB
- MD5
  
  1640146a0129c5de127c36da90662dbf
- SHA1
  
  a3a8e74b0adf9dd085dd306c8f8c066d5e7b5d2b
- SHA256
  
  0bd777a0a6ec3b65f2d0d83658fc39568c24fcca48e15752c7bfe91eaf5702b0
- SHA512
  
  a5e33a3570aa2d3c8673d5571dea4fd2e855dd76fc4ded844a0b559016159ba30f66cb943700011ad8ac6bf99626d135ea82ee9cea643d9da3211f1040579b1e
- SSDEEP
  
  1536:sAioou2tSBG5BF6ttUeO+85oeD22Kkf24lH:0u2ICQttU9Fuq22hf2G
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader