guloader | bd4499ee1845b2eeadc364b26f6e5891aaa699945a1125e6fcceedaac87f9090 | Triage

Resubmissions

27-09-2024 14:39

240927-r1ar6szcmd 10

27-09-2024 14:35

240927-rxz8naxbjq 10

Sharing

General

Target

Payment_Volksbank_EUR36550-Bestellung -4500673541.com.exe
Size

811KB
Sample

240927-r1ar6szcmd
MD5

97249feaaa2dd67af540e7615533294c
SHA1

dbfde83716b7253d7640d2ae3b45774337ce5931
SHA256

bd4499ee1845b2eeadc364b26f6e5891aaa699945a1125e6fcceedaac87f9090
SHA512

c3dc5f9733e673f23d8d553e613a61fc9854a02f7f87a0305450cf34fb4f1c1be7ea011ac99fb1ee0a37a68a15ae6761948f2af9a5f03067cbf76a34568961a8
SSDEEP

12288:BTuHVrQ4WOKO7gN9GB5VG7K+M6HmPXMi+LO6Y1DLWqTylvQ9IFHepohIxFt7hxXO:twh/7Hy7K+zsXMTwAMWR9hoRR7jKzjrf

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  Payment_Volksbank_EUR36550-Bestellung -4500673541.com.exe
- Size
  
  811KB
- MD5
  
  97249feaaa2dd67af540e7615533294c
- SHA1
  
  dbfde83716b7253d7640d2ae3b45774337ce5931
- SHA256
  
  bd4499ee1845b2eeadc364b26f6e5891aaa699945a1125e6fcceedaac87f9090
- SHA512
  
  c3dc5f9733e673f23d8d553e613a61fc9854a02f7f87a0305450cf34fb4f1c1be7ea011ac99fb1ee0a37a68a15ae6761948f2af9a5f03067cbf76a34568961a8
- SSDEEP
  
  12288:BTuHVrQ4WOKO7gN9GB5VG7K+M6HmPXMi+LO6Y1DLWqTylvQ9IFHepohIxFt7hxXO:twh/7Hy7K+zsXMTwAMWR9hoRR7jKzjrf
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
behavioral1
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  9625d5b1754bc4ff29281d415d27a0fd
- SHA1
  
  80e85afc5cccd4c0a3775edbb90595a1a59f5ce0
- SHA256
  
  c2f405d7402f815d0c3fadd9a50f0bbbb1bab9aa38fe347823478a2587299448
- SHA512
  
  dce52b640897c2e8dbfd0a1472d5377fa91fb9cf1aeff62604d014bccbe5b56af1378f173132abeb0edd18c225b9f8f5e3d3e72434aed946661e036c779f165b
- SSDEEP
  
  192:eX24sihno00Wfl97nH6BenXwWobpWBTtvShJ5omi7dJWjOlqSlS:D8QIl972eXqlWBFSt273YOlqz
Score

3^/10

discovery
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2