guloader | cbb132ffbd02256bece8a16f5b9757c3c46cc8d896cee7c10e1591bb92bb27ee | Triage

Sharing

General

Target

d66238e189f964eb0c40bd4800e4ca0c_JaffaCakes118
Size

128KB
Sample

240909-qge24szbrj
MD5

d66238e189f964eb0c40bd4800e4ca0c
SHA1

3d288f9b59c141bc13ea5c60d6e146f2b096b010
SHA256

cbb132ffbd02256bece8a16f5b9757c3c46cc8d896cee7c10e1591bb92bb27ee
SHA512

a8a607f0f760002b2822a5514bb021e2d136fa61af24557a489fef26c56da0c9d475a74d8582428095170f8d6013551501df1d8d718e8d43f08c2df06ac6da23
SSDEEP

1536:0QkuHjEXP0OjjjjjjjjjjjjEjjjjjjj+jjjYjjjjjjjjjjjj+jCjjjjjj+jjjjjO:0SHjEf0IBXBbd37X5tCATYos0HS

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  nK1RG814XYZ-CONTRACT-ADDENDUM-AA-20E0005417-AA-20E0005417.exe
- Size
  
  92KB
- MD5
  
  3181fa36eda5d947e79842c05c1e48ca
- SHA1
  
  6e8a30dbfbea4382b2388bbe7abff532e82c95c9
- SHA256
  
  2e3475f9f71e416d3201f08c53d671e2f5bb75b6bfaff7cdc837f63d0ea7a34c
- SHA512
  
  ab5c0461eb7c61972252d5dc7b16e319ded7439acc566cb1343e67e4491eccfea40a822532023672fde46e52136e900a7f414c5fd39b41adc7568dcca97902b0
- SSDEEP
  
  768:BFbzq+TsC0jsEWq4rscx1L5B7f6HwCPDkrHezfZlMjkzboCv7qiMKwfFQhNnxW4P:3zImVxbdfK/sHG/MjGktQhnWNFMf
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader