guloader | 790f423f015c7a47de1d62c5fa4148c8b491209b22a272cfff42b8cd7e61e0ee | Triage

Sharing

General

Target

22102024_1642_21102024_Transferenciapg.pdf.rar
Size

523KB
Sample

241022-t71y2svdkc
MD5

738f2869e82fd09d99a151c0b22573fd
SHA1

42556af9fadd7b65b9ecc3bf6ca3f1e94cd07e5c
SHA256

790f423f015c7a47de1d62c5fa4148c8b491209b22a272cfff42b8cd7e61e0ee
SHA512

e0de91f507f44c14444583313d9136ee0f3f3e13bb4f1d818f9f353ac8bcb369971c998658f7fb3be032cefa02facb5c33c37297a89fcedef9ff3ae4c0c8cb8e
SSDEEP

12288:t5wlR8HLHhiGmpwWZegl2xdNtMHylhMMl8RKd:KULBiGMje0mdNtMAe4d

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  outrap.exe
- Size
  
  535KB
- MD5
  
  89d011504235c0cc1b7877896e3bb44a
- SHA1
  
  33338ad41cfa61c6ba9459e1eb0bcf6a4a9dafad
- SHA256
  
  098669c0fc8d2b3e9cae033e8bd927ff051bf128240bd6d5dce6e7c02ffda5ce
- SHA512
  
  9bff43aeaebe9210f9419dcd0851d73d09ab5d509b1bb63cb2964eba107c89c6582332ed3ef61b3a84913ba7cfe2932d7324cbf4f91d268845d3ff112a5ea0ae
- SSDEEP
  
  12288:DMhuj/MHzCBAFfCw6Y2Tp0xLz/linh0s+ZHmkHN3HiPCpfBVx:IW0HzCBsCVG/le0HnHpHiwV
Score

10^/10

guloader discovery downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  cf85183b87314359488b850f9e97a698
- SHA1
  
  6b6c790037eec7ebea4d05590359cb4473f19aea
- SHA256
  
  3b6a5cb2a3c091814fce297c04fb677f72732fb21615102c62a195fdc2e7dfac
- SHA512
  
  fe484b3fc89aeed3a6b71b90b90ea11a787697e56be3077154b6ddc2646850f6c38589ed422ff792e391638a80a778d33f22e891e76b5d65896c6fb4696a2c3b
- SSDEEP
  
  96:3IsUxO9udx4qYp7AJb76BykUbQMtHUOA5Iv+RnsrqeXV+d1g2IW9t2c+cEwF9oug:YVL7ikJb76BQUoUm+RnyXVYO2RvHoug
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader

behavioral3

behavioral4