guloader | bc61179fcc03e546819401cc9645fd5ddacf3d3403e6c1c54b1d99488535b1e0 | Triage

Submit
Reports

Overview

overview

Static

static

3

Beklaedte.exe

windows7-x64

Beklaedte.exe

windows10-2004-x64

Sharing

General

Target

DOC.rar
Size

462KB
Sample

241008-vnhtsszdke
MD5

4e19fcce8b0b1d6d2a53ed6da3fcd138
SHA1

b7fc27a28667fa4f74f0cd5b6f454443b3a4f6e3
SHA256

bc61179fcc03e546819401cc9645fd5ddacf3d3403e6c1c54b1d99488535b1e0
SHA512

5ade6448745eb90b66252157362b875dcceda5a3bf7d231bb444de6b1ddefc1a8bde4fae0efea9c618ef578eb7f98b06e02c34beae178e5c171cf89a43d521fc
SSDEEP

12288:knbon6UUBWIkhL1+OQjiAefqKcWfLI//rFQ9l7a1:PjRhL1+OQjAy4MrF+l7a1

Score

10^/10

guloader discovery downloader

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Beklaedte.exe

Resource

win7-20240903-en

guloader discovery downloader

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

Beklaedte.exe

Resource

win10v2004-20241007-en

guloader discovery downloader

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  Beklaedte.exe
- Size
  
  606KB
- MD5
  
  cf8ede5bc41c100855b170b857629751
- SHA1
  
  b99057a6573a0fcc29f182fb818299c532bd366c
- SHA256
  
  6892cea7d275266ae66c8584a3875c36d5cddd6bfef1faaf1d8e798dc570bb36
- SHA512
  
  23c77fab74507f98605d40af65da88795f8d61923cb6bf34c8a2c90e2de50601b92ea34cc9a389a8775136acd72fbf9b8aadcd752c05ecc2f132b01c39539628
- SSDEEP
  
  12288:N22twlGRvdn5CD0sCk/sa8xJBknPoRgovCi906OLq:N22twlcv80sF/2BSP+grf6OG
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader

© 2018-2025

Terms | Privacy