guloader | ab973da4f0e9666e56b3a028e860d613624593c4d3d9c59f0b2afb845ffbf4e6 | Triage

Submit
Reports

Overview

overview

Static

static

3

e9fbf5c7fd...32.exe

windows7-x64

e9fbf5c7fd...32.exe

windows10-2004-x64

Sharing

General

Target

e9fbf5c7fdfc2da4b2d7ed895930f632.exe
Size

60KB
Sample

240109-xeglgsgbfj
MD5

e9fbf5c7fdfc2da4b2d7ed895930f632
SHA1

d5eacc3b926dfffa77d4a5c557d5285e9e44d6e9
SHA256

ab973da4f0e9666e56b3a028e860d613624593c4d3d9c59f0b2afb845ffbf4e6
SHA512

8ee354661cba6a7aa63c643fbebdf1c94a3b4b9c50ff4d3e1213a5058d3587e3b3f7a7e9ae8567bf85d4e16fc223ccf5e82684d96690c9837cb3c0f614ae9169
SSDEEP

768:G60DIn+HAPmxcBZiryYdNQiFgcST3IKV0n1CcgS:EI+HAPOcTiddNQGSzIw0nM

Score

10^/10

guloader downloader guloader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e9fbf5c7fdfc2da4b2d7ed895930f632.exe

Resource

win7-20231215-en

guloader downloader guloader

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

e9fbf5c7fdfc2da4b2d7ed895930f632.exe

Resource

win10v2004-20231222-en

guloader downloader guloader

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

guloader

C2

https://dailyhintnews.com.ng/vbx/decemberomo_clZJNBXwbB62.bin

xor.base64

Targets

- Target
  
  e9fbf5c7fdfc2da4b2d7ed895930f632.exe
- Size
  
  60KB
- MD5
  
  e9fbf5c7fdfc2da4b2d7ed895930f632
- SHA1
  
  d5eacc3b926dfffa77d4a5c557d5285e9e44d6e9
- SHA256
  
  ab973da4f0e9666e56b3a028e860d613624593c4d3d9c59f0b2afb845ffbf4e6
- SHA512
  
  8ee354661cba6a7aa63c643fbebdf1c94a3b4b9c50ff4d3e1213a5058d3587e3b3f7a7e9ae8567bf85d4e16fc223ccf5e82684d96690c9837cb3c0f614ae9169
- SSDEEP
  
  768:G60DIn+HAPmxcBZiryYdNQiFgcST3IKV0n1CcgS:EI+HAPOcTiddNQGSzIw0nM
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader

© 2018-2024

Terms | Privacy