guloader | 31b38f55156499bd8dcfe542dcce8ad614350464d75f17fc302d30213cf86a2f | Triage

Sharing

General

Target

75f2c544794e7807efb34ba17c4b5cc3_JaffaCakes118
Size

41KB
Sample

240726-16nqnayaqk
MD5

75f2c544794e7807efb34ba17c4b5cc3
SHA1

cc0b577772cb034d3f14f0487245a84c5b4a39ae
SHA256

31b38f55156499bd8dcfe542dcce8ad614350464d75f17fc302d30213cf86a2f
SHA512

1e925a5cd417f24288ee44647c822fa927b2bd27238c0fdcfce5fb4ecd6a11078b1726eab990c68cfb35e0e01a7951a4a42f0c937dd4d6e27220698471160d7e
SSDEEP

768:T40mbm22yX71zfQG/NdSWOWCW279UtXKGhJ/RsTSeiBmWjno7xB92m:TPmbm22yrVfQGfSNhWq2NKnzglro7r9h

Score

10^/10

guloader discovery downloader guloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1p_n6WIZIxEXuYpbfaQ-eXF-4j7vZpCAo

xor.base64

Targets

- Target
  
  MDPC064-S-0000432021.exe
- Size
  
  112KB
- MD5
  
  d8b8972c0ccd798a3d6fb7a9770a5183
- SHA1
  
  8c43bc64037b04b2414487fdec064fc6e44f595f
- SHA256
  
  e1495c129b26d4e3902366037e9ee8946bc6fbc17c5b7587fcc4e40245093ea2
- SHA512
  
  f887aa2d89233ccbf8f08394b74103a97e5a6aa8b388314f18e1aa7f0f0498c05df29f0cefc7b5b0cc54d8af3d07b66b7bdccdb4296336caa57a6d2c7eb84ec1
- SSDEEP
  
  768:bsK8KpLv62opHSIH35kVtHDOSrGKk/uCEVnhKUAb8qsAqXjSa4SbfHWNhJzeh/fh:bi4LM1SIH35kVhOPCncIqsdma5uZJu
Score

10^/10

guloader discovery downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloaderguloader

behavioral2

guloaderdiscoverydownloaderguloader