guloader | 9fefd5cbebe1a5c768a46b5615f116e03d2ae863049720fb4e32bf2cd253dc62 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

New Order.exe

windows10-1703-x64

Sharing

General

Target

New Order.exe
Size

634KB
Sample

240305-sqylxshh2v
MD5

7c719e9f0ac2aa430841a5c53a13e5c4
SHA1

9e908a8634e3ad3e98fb2b92921b13fa07ade434
SHA256

9fefd5cbebe1a5c768a46b5615f116e03d2ae863049720fb4e32bf2cd253dc62
SHA512

51c4727669ec364840d5e30c0414b96f32707a3d7b09cd9861bb0be0f9c7878a2c76637c86f120d968f4f280f3ce1e4f308cd4407e883df1d23664d1a642bbdc
SSDEEP

12288:s1nnUt8ih8xaobFBTl5L8cMZnPsepuOgO6WAcopzgalClA74:+nUtvh8xvbFBTPL8c8P5ph1AxpzgaY

Score

10^/10

guloader downloader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

New Order.exe

Resource

win10-20240221-en

guloader downloader

windows10-1703-x64

8 signatures

1800 seconds

Malware Config

Targets

- Target
  
  New Order.exe
- Size
  
  634KB
- MD5
  
  7c719e9f0ac2aa430841a5c53a13e5c4
- SHA1
  
  9e908a8634e3ad3e98fb2b92921b13fa07ade434
- SHA256
  
  9fefd5cbebe1a5c768a46b5615f116e03d2ae863049720fb4e32bf2cd253dc62
- SHA512
  
  51c4727669ec364840d5e30c0414b96f32707a3d7b09cd9861bb0be0f9c7878a2c76637c86f120d968f4f280f3ce1e4f308cd4407e883df1d23664d1a642bbdc
- SSDEEP
  
  12288:s1nnUt8ih8xaobFBTl5L8cMZnPsepuOgO6WAcopzgalClA74:+nUtvh8xvbFBTPL8c8P5ph1AxpzgaY
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdownloader

© 2018-2025

Terms | Privacy