guloader | 29e227dece066981315fa81ffa48ba4c869c710afcc0740e146c0e744917ce90 | Triage

Submit
Reports

Overview

overview

Static

static

3

65004bd034...1f.exe

windows7-x64

65004bd034...1f.exe

windows10-2004-x64

Sharing

General

Target

65004bd03460fec0da8d6c34d4d00c1f
Size

72KB
Sample

231226-ltymrsahaj
MD5

65004bd03460fec0da8d6c34d4d00c1f
SHA1

366a3529712fe39c85963248046ff731a5dfd2dd
SHA256

29e227dece066981315fa81ffa48ba4c869c710afcc0740e146c0e744917ce90
SHA512

26951becc299707cb16f5d8cd4876eef231ac46f80565c77d93f297bded83fb5a2712fddf2d44a4eac9ea86086db87850c6a7d5e2f4356c4deef018a7f6af271
SSDEEP

768:KFCciijYqhKiaVM2una4LHO/DSrWcYcTAIAaeUVQRdNhCP79E:Q5pkRiOM2Z4y+rWtIAa5Kk7e

Score

10^/10

guloader downloader guloader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

65004bd03460fec0da8d6c34d4d00c1f.exe

Resource

win7-20231129-en

guloader downloader guloader

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

65004bd03460fec0da8d6c34d4d00c1f.exe

Resource

win10v2004-20231215-en

guloader downloader guloader

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

guloader

C2

https://totalprotectionltd.com/cvb/nov_fUedQoN143.bin

xor.base64

Targets

- Target
  
  65004bd03460fec0da8d6c34d4d00c1f
- Size
  
  72KB
- MD5
  
  65004bd03460fec0da8d6c34d4d00c1f
- SHA1
  
  366a3529712fe39c85963248046ff731a5dfd2dd
- SHA256
  
  29e227dece066981315fa81ffa48ba4c869c710afcc0740e146c0e744917ce90
- SHA512
  
  26951becc299707cb16f5d8cd4876eef231ac46f80565c77d93f297bded83fb5a2712fddf2d44a4eac9ea86086db87850c6a7d5e2f4356c4deef018a7f6af271
- SSDEEP
  
  768:KFCciijYqhKiaVM2una4LHO/DSrWcYcTAIAaeUVQRdNhCP79E:Q5pkRiOM2Z4y+rWtIAa5Kk7e
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader

© 2018-2024

Terms | Privacy