guloader | f6b73c4eb766bcd2262d83c5d7fc316b1358dbe5aa4662a50c0b92155cf0d046 | Triage

Sharing

General

Target

f2a07e4c0fd907114c8afd6cc09ffac2_JaffaCakes118
Size

156KB
Sample

240923-tjmfravgnc
MD5

f2a07e4c0fd907114c8afd6cc09ffac2
SHA1

54c48aa87cf30280b2d35e3bd72a83aa60319c27
SHA256

f6b73c4eb766bcd2262d83c5d7fc316b1358dbe5aa4662a50c0b92155cf0d046
SHA512

f4ae5aee59aa24cd935995253d3cfbefac2f6b6be39b797cdbc34ea17cfadf37e26b3696448e682c103bcc5910d6c7e55fd607f60c4f2b0a85c8fe6871dbfc54
SSDEEP

3072:9i+61AHNJXT5BZMVv8eZ3UmxhiR+8OUQr0B:E+618ZCtVUmxA4Az

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  shipping-bill_PNR-Ref228C3290-12450-76123--BLMEDUU0610003--EBKG016897656.exe
- Size
  
  112KB
- MD5
  
  8685d406f3daa9573cd92ef858eacd04
- SHA1
  
  4ca949e3c62206c04d659bbe2d30d7c040023649
- SHA256
  
  5131026ed926f33115dafa7558e8892c1c5a274d57236f453ea8c160dfa81714
- SHA512
  
  3b5db98f613b8bdf0eb445fcd59c8506b8e2d53689eb4daecf34287308e580d757b43ec8c1c82342a213d8489134664ed0e09afaeb05b6221b9cfc429cb3a12b
- SSDEEP
  
  1536:NBG3z0LdQPaRxICmE90+2r3aIFZYIPZs7Dw/qxNRH4PHCski8ofNsn2nnPKzMBDV:XG3Udckmxa48Dw/qPxo3LfY2PKzY
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader