guloader | b361c7499d1d63396ea56bcab380e85cf3158c3051875fc3ea6a4b63a717681f | Triage

Sharing

General

Target

54f504ce8a36b0dd8ed523c1f30e9a3f_JaffaCakes118
Size

76KB
Sample

240717-1t546s1drm
MD5

54f504ce8a36b0dd8ed523c1f30e9a3f
SHA1

1d2bd8a4b5a328e0ddf88415482061704d06339c
SHA256

b361c7499d1d63396ea56bcab380e85cf3158c3051875fc3ea6a4b63a717681f
SHA512

e1f6468e1a1fc2c6c3d54148a830a5fdc4db055ad8b20da76f6e2c17472f62785d39258afb836701f15e8768bfc5030842e2bb0b9a73bfc0270d26bd66e0d529
SSDEEP

1536:YymyVCwGR2xRzDruQjRsqHB09uO0kw9gAvGwodF:Zmyow2kHzjeqH20k7

Score

10^/10

guloader downloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1ATWBAHAkXv4L_wxfVuLFkIw199oQVtf5

https://cdn.discordapp.com/attachments/811402724939137046/811403001948012635/bin_gCuZFwhQ112.bin

xor.base64

Targets

- Target
  
  54f504ce8a36b0dd8ed523c1f30e9a3f_JaffaCakes118
- Size
  
  76KB
- MD5
  
  54f504ce8a36b0dd8ed523c1f30e9a3f
- SHA1
  
  1d2bd8a4b5a328e0ddf88415482061704d06339c
- SHA256
  
  b361c7499d1d63396ea56bcab380e85cf3158c3051875fc3ea6a4b63a717681f
- SHA512
  
  e1f6468e1a1fc2c6c3d54148a830a5fdc4db055ad8b20da76f6e2c17472f62785d39258afb836701f15e8768bfc5030842e2bb0b9a73bfc0270d26bd66e0d529
- SSDEEP
  
  1536:YymyVCwGR2xRzDruQjRsqHB09uO0kw9gAvGwodF:Zmyow2kHzjeqH20k7
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader