guloader | 5680e9b53c6caef9d67ca22db7adf5422f8d60248610db7d8b7fdbc0cfde34d2 | Triage

Sharing

General

Target

98583f8dd020c99738c5cccd0fc7bbc5_JaffaCakes118
Size

128KB
Sample

240815-a8psmavhph
MD5

98583f8dd020c99738c5cccd0fc7bbc5
SHA1

8fd3c23bf8e2537c4d466873452d0c02b911ec63
SHA256

5680e9b53c6caef9d67ca22db7adf5422f8d60248610db7d8b7fdbc0cfde34d2
SHA512

0e81046574d9d15e5bbe59f849b7afbe04a55e61b49a8b456f32ec97af7575233ad97292afeed90359be9ebaeb225e19cf4289424552d42683f4567556b43646
SSDEEP

1536:77L0M/W62DHSXlbsWsG6awZ0J7+xC8ZwvMx5TeEpxuTJWt:3YMQDHpWd6awcHeuTgt

Score

10^/10

guloader discovery downloader guloader

Malware Config

Extracted

Family

guloader

C2

https://drive.google.com/uc?export=download&id=1iCwhRA7c_EWbH6n9IYfjB2XdDTlzRgWo

xor.base64

Targets

- Target
  
  98583f8dd020c99738c5cccd0fc7bbc5_JaffaCakes118
- Size
  
  128KB
- MD5
  
  98583f8dd020c99738c5cccd0fc7bbc5
- SHA1
  
  8fd3c23bf8e2537c4d466873452d0c02b911ec63
- SHA256
  
  5680e9b53c6caef9d67ca22db7adf5422f8d60248610db7d8b7fdbc0cfde34d2
- SHA512
  
  0e81046574d9d15e5bbe59f849b7afbe04a55e61b49a8b456f32ec97af7575233ad97292afeed90359be9ebaeb225e19cf4289424552d42683f4567556b43646
- SSDEEP
  
  1536:77L0M/W62DHSXlbsWsG6awZ0J7+xC8ZwvMx5TeEpxuTJWt:3YMQDHpWd6awcHeuTgt
Score

10^/10

guloader discovery downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloaderguloader

behavioral2

guloaderdiscoverydownloaderguloader