guloader | 6da9387b15b610559fccc33c85fc328e56089b7356952782d0cdf49a9898404c | Triage

Sharing

General

Target

ebcb6281620086f4f9986d042294390d_JaffaCakes118
Size

64KB
Sample

240919-vjxr6azbrh
MD5

ebcb6281620086f4f9986d042294390d
SHA1

6582f3986d57e3ff41dd540fbd429f297f9c707e
SHA256

6da9387b15b610559fccc33c85fc328e56089b7356952782d0cdf49a9898404c
SHA512

2fd15517c8c694461e0c67a570dd6ae7b2f5f90ed9a634ca6dd608ddce60a0067c41b70499fb2fe929424160744ab2db31aae6189a2127711ce4b62a3d1dbad4
SSDEEP

384:wYxM6Jo8yEdV1bpyNkXU8Z7t3Kl6mEZk/Aztm8mKtKnsg8TjGWGEOvM:1Xy8yEdV1bpyNkXD39ko5mpnb8GGOv

Score

10^/10

guloader discovery downloader

Malware Config

Extracted

Family

guloader

C2

https://goexploreindia.in/tkanilux_klWFCENDDZ82.bin

xor.base64

Targets

- Target
  
  ebcb6281620086f4f9986d042294390d_JaffaCakes118
- Size
  
  64KB
- MD5
  
  ebcb6281620086f4f9986d042294390d
- SHA1
  
  6582f3986d57e3ff41dd540fbd429f297f9c707e
- SHA256
  
  6da9387b15b610559fccc33c85fc328e56089b7356952782d0cdf49a9898404c
- SHA512
  
  2fd15517c8c694461e0c67a570dd6ae7b2f5f90ed9a634ca6dd608ddce60a0067c41b70499fb2fe929424160744ab2db31aae6189a2127711ce4b62a3d1dbad4
- SSDEEP
  
  384:wYxM6Jo8yEdV1bpyNkXU8Z7t3Kl6mEZk/Aztm8mKtKnsg8TjGWGEOvM:1Xy8yEdV1bpyNkXD39ko5mpnb8GGOv
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader