guloader | c721b3739c4b79acc13fb4694c123cc1c6c4ca2fa73a0e0afcd13438bd7e808a | Triage

Submit
Reports

Overview

overview

Static

static

3

c721b3739c...8a.exe

windows7-x64

8

c721b3739c...8a.exe

windows10-2004-x64

Sharing

General

Target

c721b3739c4b79acc13fb4694c123cc1c6c4ca2fa73a0e0afcd13438bd7e808a.exe
Size

1.0MB
Sample

240606-qws8aaeg6v
MD5

7510ca968d647c58b6a90aad25b67ea9
SHA1

98e9b389b53fac08e5b57b4f7510b62262cd2b60
SHA256

c721b3739c4b79acc13fb4694c123cc1c6c4ca2fa73a0e0afcd13438bd7e808a
SHA512

5295f022cb517be10ee6b932bf77d0fee6c516526748dd9c55b22b0a60132eb451cbb31d1e0c42e22fbd03280c487bc52404212cfd195bace3cf0cfa92275f10
SSDEEP

24576:CyS5+ePu723mYdVUnOnWKyowfm66aicu9oI+/7bbL:CyE+OkaGGWK7H66FbUX

Score

10^/10

guloader downloader execution

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

c721b3739c4b79acc13fb4694c123cc1c6c4ca2fa73a0e0afcd13438bd7e808a.exe

Resource

win7-20240508-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

c721b3739c4b79acc13fb4694c123cc1c6c4ca2fa73a0e0afcd13438bd7e808a.exe

Resource

win10v2004-20240508-en

guloader downloader execution

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  c721b3739c4b79acc13fb4694c123cc1c6c4ca2fa73a0e0afcd13438bd7e808a.exe
- Size
  
  1.0MB
- MD5
  
  7510ca968d647c58b6a90aad25b67ea9
- SHA1
  
  98e9b389b53fac08e5b57b4f7510b62262cd2b60
- SHA256
  
  c721b3739c4b79acc13fb4694c123cc1c6c4ca2fa73a0e0afcd13438bd7e808a
- SHA512
  
  5295f022cb517be10ee6b932bf77d0fee6c516526748dd9c55b22b0a60132eb451cbb31d1e0c42e22fbd03280c487bc52404212cfd195bace3cf0cfa92275f10
- SSDEEP
  
  24576:CyS5+ePu723mYdVUnOnWKyowfm66aicu9oI+/7bbL:CyE+OkaGGWK7H66FbUX
Score

10^/10

execution guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdownloaderexecution

© 2018-2024

Terms | Privacy