guloader | 5c5e317ad1fee46ff701e4b69e41b7f117f995e9e7d5e189d4f35d903a93151b | Triage

Submit
Reports

Overview

overview

Static

static

3

0a8d5b66da...18.exe

windows7-x64

0a8d5b66da...18.exe

windows10-2004-x64

Sharing

General

Target

0a8d5b66dab989ff7310b8155fbbe51c_JaffaCakes118
Size

92KB
Sample

240430-19d1maba54
MD5

0a8d5b66dab989ff7310b8155fbbe51c
SHA1

a28e9366d125ca00bffb709eae902b71fa94c432
SHA256

5c5e317ad1fee46ff701e4b69e41b7f117f995e9e7d5e189d4f35d903a93151b
SHA512

d341079fab7c81c5649f0e33d85817da0ed866633a40bac6b22275629ecd6cc94fdb7f1f3efd290a2ba13789ad1430da40ab8128ac0f7c94e3f5d83a8c78a065
SSDEEP

1536:vjNgIyddH//A6Na617d3R6ofimrSQA6Na617d3ZgIyddH/:bNfyddfPf6YSy7fyddf

Score

10^/10

guloader downloader guloader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0a8d5b66dab989ff7310b8155fbbe51c_JaffaCakes118.exe

Resource

win7-20240221-en

guloader downloader guloader

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

0a8d5b66dab989ff7310b8155fbbe51c_JaffaCakes118.exe

Resource

win10v2004-20240419-en

guloader downloader guloader

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  0a8d5b66dab989ff7310b8155fbbe51c_JaffaCakes118
- Size
  
  92KB
- MD5
  
  0a8d5b66dab989ff7310b8155fbbe51c
- SHA1
  
  a28e9366d125ca00bffb709eae902b71fa94c432
- SHA256
  
  5c5e317ad1fee46ff701e4b69e41b7f117f995e9e7d5e189d4f35d903a93151b
- SHA512
  
  d341079fab7c81c5649f0e33d85817da0ed866633a40bac6b22275629ecd6cc94fdb7f1f3efd290a2ba13789ad1430da40ab8128ac0f7c94e3f5d83a8c78a065
- SSDEEP
  
  1536:vjNgIyddH//A6Na617d3R6ofimrSQA6Na617d3ZgIyddH/:bNfyddfPf6YSy7fyddf
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader

© 2018-2024

Terms | Privacy