guloader | gugu_gogo[.]bin | Triage

Resubmissions

24/08/2023, 09:26

230824-ld7kqsch4t 10

24/08/2023, 08:57

230824-kwsnvscg7t 10

Sharing

Copy URL Twitter E-mail

General

Target

gugu_gogo.bin
Size

256KB
MD5

5131e88a2a029e5f43037498446c7ebe
SHA1

d8040f77f302f9d72265c597c0e064444c94360b
SHA256

b3441cd04205175c973de6e529b4ce95c76b42b43c9ff6cf28d22cbf4c5abf95
SHA512

38bbef6c804d3c6771344bcee3e3fe4becb4027eff94abaaa603c324eae5e04b03f5cfd222a8edea8f19a310e5a5136dd8b9821bf768d8a071411dcd282e55c8
SSDEEP

6144:t4SkHQ8gHm5X0pVQoVssdw815FN9aCXZ3xu3IGa44wj:t4SlmSpVfVs4jDRaE34Y2

Score

10^/10

guloader

Malware Config

Signatures

Guloader family
guloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
gugu_gogo.bin

Files

gugu_gogo.bin
.exe windows x86

b547b1487151c8557bcbc6c24574ec6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
VirtualAlloc

Sections

.text
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE