guloader | gugugugugugugugug_wo_diupc[.]bin | Triage

Resubmissions

26-08-2023 10:00

230826-l1zteahd33 10

26-08-2023 09:28

230826-lfrbjahc59 10

Sharing

General

Target

gugugugugugugugug_wo_diupc.bin
Size

264KB
MD5

261ef432dd56efebf6dc147767a15c19
SHA1

9db6923256f869f391f24d07961e4fdff7a59c76
SHA256

769e6002b8038a0a87c66347326d314fa597a228c04c9ec58e3c2a6e686da7db
SHA512

e25837e2c67f5852024b133750fe89eb7d60a6242b38d7f523f0d392b438c338745a5074e7136e77a17e3b769dd54e474aaccccbee508c6409d2c9f587e97690
SSDEEP

6144:K4SkHQ8gHm5XapVQoVssdw815FN9aCXZ3xu3IGa44wj:K4SlmopVfVs4jDRaE34Y2

Score

10^/10

guloader

Malware Config

Signatures

Guloader family
guloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
gugugugugugugugug_wo_diupc.bin

Files

gugugugugugugugug_wo_diupc.bin
.exe windows x86

b547b1487151c8557bcbc6c24574ec6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
VirtualAlloc

Sections

.text
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 262KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE