guloader | bc268354a0781213cc15dbe4ce3d577dc24c13dff07003f08b1c1f5b5f9561af | Triage

Sharing

General

Target

04102024_0116_03102024_PEDIDO - 002297.rar
Size

427KB
Sample

241004-bm4v4awfrl
MD5

30ea32ce8d961a3ea5636bd747575b0c
SHA1

63284c12e486ac3cffe28aa0b4c36ffbc663f410
SHA256

bc268354a0781213cc15dbe4ce3d577dc24c13dff07003f08b1c1f5b5f9561af
SHA512

68316f375747e8f1a0a873989a7102e0bbec6a7f9a1850e5d1e12f396feca3790e1242dca17ad34ed73e8425868c6c38882c96641b10eea7e71e99b819699f7c
SSDEEP

12288:A13SJ0EoMldUjyjsaoyHqWFzdFeEcukGytCDb4Co:A1I1oGUTaoyKWB0uOCP4X

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  pedido - 002297.exe
- Size
  
  555KB
- MD5
  
  e7b674773e7c72426b2bcc90a9c1e299
- SHA1
  
  174323edc68682341dd312095cefaa2c6680de24
- SHA256
  
  643a505fefdbf1f0fa9915550a75b2b739aba1683858f92f332c9585c838690d
- SHA512
  
  88775e285072fd73cc42eb162b30f81197830befe7751529b4dc3a4d021571a17b90323805236149683097850916cc534205467ed0f584f67cb79b029f771ddb
- SSDEEP
  
  12288:TaIq2S5iC8dHsPeOXHO80cE6PU2dLkbdG0A:WrJ8MLXHO8ZE6PU4IdGb
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  8b3830b9dbf87f84ddd3b26645fed3a0
- SHA1
  
  223bef1f19e644a610a0877d01eadc9e28299509
- SHA256
  
  f004c568d305cd95edbd704166fcd2849d395b595dff814bcc2012693527ac37
- SHA512
  
  d13cfd98db5ca8dc9c15723eee0e7454975078a776bce26247228be4603a0217e166058ebadc68090afe988862b7514cb8cb84de13b3de35737412a6f0a8ac03
- SSDEEP
  
  192:ex24sihno00Wfl97nH6BenXwWobpWBTtvShJ5omi7dJWjOlESlS:h8QIl972eXqlWBFSt273YOlEz
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader

behavioral3

behavioral4