guloader | 230e0f29f18d2af16d1e4e79af80b32f2f400761bc578f02addf9e313ccbcd8c | Triage

Sharing

General

Target

751414880f93e6d9d8995cd7359ed197_JaffaCakes118
Size

112KB
Sample

240726-wb6krsxdqa
MD5

751414880f93e6d9d8995cd7359ed197
SHA1

1298a2d8d9c1c926ea8986b37440a97d4ca4732f
SHA256

230e0f29f18d2af16d1e4e79af80b32f2f400761bc578f02addf9e313ccbcd8c
SHA512

a271cf407d99fb37703cebde4d804a4cdbe7eba4d3b9b7447eca29dbcd3df25754a846378660dc33f9aef1479647e1f143ddcd49de2dc39ced5e266f185889e5
SSDEEP

1536:JdEA/0tfCxl6IWBkpCm1JY5DmDdg9jeOC+zeO4d:Jd//yCpNy5DmDO9jeOC+zeO4d

Score

10^/10

guloader discovery downloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1MLCjjDez6CHX_73RaJptihCCRAt7lMyi

https://hzz1.at/rochaspa_HKRuWeae151.bin

xor.base64

Targets

- Target
  
  751414880f93e6d9d8995cd7359ed197_JaffaCakes118
- Size
  
  112KB
- MD5
  
  751414880f93e6d9d8995cd7359ed197
- SHA1
  
  1298a2d8d9c1c926ea8986b37440a97d4ca4732f
- SHA256
  
  230e0f29f18d2af16d1e4e79af80b32f2f400761bc578f02addf9e313ccbcd8c
- SHA512
  
  a271cf407d99fb37703cebde4d804a4cdbe7eba4d3b9b7447eca29dbcd3df25754a846378660dc33f9aef1479647e1f143ddcd49de2dc39ced5e266f185889e5
- SSDEEP
  
  1536:JdEA/0tfCxl6IWBkpCm1JY5DmDdg9jeOC+zeO4d:Jd//yCpNy5DmDO9jeOC+zeO4d
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader