guloader | 8603449abec4bd7d7a34dae843e77b981d8b28955177cc46f1c0d0141ff582ea | Triage

Submit
Reports

Overview

overview

Static

static

3

f895405151...18.exe

windows7-x64

f895405151...18.exe

windows10-2004-x64

Sharing

General

Target

f895405151cd97df731854ba8ce6ac7b_JaffaCakes118
Size

60KB
Sample

240926-rz1xzascql
MD5

f895405151cd97df731854ba8ce6ac7b
SHA1

e4e24dd039bec087f1239c8559a9395ae7332870
SHA256

8603449abec4bd7d7a34dae843e77b981d8b28955177cc46f1c0d0141ff582ea
SHA512

00475b4ecfa4bddcd7ce4e1f6af591c9848edb54ee75659232c7cf8e1be3af4531838e9edd2100815ac04e952c11602b5058d4adeb2f06642beea26d5e0abd34
SSDEEP

768:mfqvp1Iywe57Hg2tm+ykDPfqR2wIosk9pnJS7:dvEo1g2JDPC4oDpnJk

Score

10^/10

guloader discovery downloader guloader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f895405151cd97df731854ba8ce6ac7b_JaffaCakes118.exe

Resource

win7-20240708-en

guloader discovery downloader guloader

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

f895405151cd97df731854ba8ce6ac7b_JaffaCakes118.exe

Resource

win10v2004-20240802-en

guloader discovery downloader guloader

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

guloader

C2

http://rkpllaw.com/DRETH_encrypted_1FC11A0.bin

xor.base64

Targets

- Target
  
  f895405151cd97df731854ba8ce6ac7b_JaffaCakes118
- Size
  
  60KB
- MD5
  
  f895405151cd97df731854ba8ce6ac7b
- SHA1
  
  e4e24dd039bec087f1239c8559a9395ae7332870
- SHA256
  
  8603449abec4bd7d7a34dae843e77b981d8b28955177cc46f1c0d0141ff582ea
- SHA512
  
  00475b4ecfa4bddcd7ce4e1f6af591c9848edb54ee75659232c7cf8e1be3af4531838e9edd2100815ac04e952c11602b5058d4adeb2f06642beea26d5e0abd34
- SSDEEP
  
  768:mfqvp1Iywe57Hg2tm+ykDPfqR2wIosk9pnJS7:dvEo1g2JDPC4oDpnJk
Score

10^/10

guloader discovery downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloaderguloader

behavioral2

guloaderdiscoverydownloaderguloader

© 2018-2025

Terms | Privacy