guloader | f35fac8e2c032a3c86b0e53fd04dc1007d951b13436e9b120ccdb7f4f9903b1c | Triage

Sharing

General

Target

f35fac8e2c032a3c86b0e53fd04dc1007d951b13436e9b120ccdb7f4f9903b1cN.exe
Size

633KB
Sample

241129-f9k4qatpap
MD5

1c95531a943e71d70afbb794ced49070
SHA1

6e0ad1a65c6c318e308a17a736374aeec23419e1
SHA256

f35fac8e2c032a3c86b0e53fd04dc1007d951b13436e9b120ccdb7f4f9903b1c
SHA512

f8227f7828548d3284da309646f39c5f8c7184bdfdaa984ceca1ac32340f53be9f7e7eee77212fa6192b03c677f7323775f822b916a076caf74a7cf173940021
SSDEEP

12288:g33KGpVvqisW42Vj4Y1x6NqWHXzVhUIxFYv7PFBUJ/uLlbC/k:6VDTFrQRRxs7hLlT

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  f35fac8e2c032a3c86b0e53fd04dc1007d951b13436e9b120ccdb7f4f9903b1cN.exe
- Size
  
  633KB
- MD5
  
  1c95531a943e71d70afbb794ced49070
- SHA1
  
  6e0ad1a65c6c318e308a17a736374aeec23419e1
- SHA256
  
  f35fac8e2c032a3c86b0e53fd04dc1007d951b13436e9b120ccdb7f4f9903b1c
- SHA512
  
  f8227f7828548d3284da309646f39c5f8c7184bdfdaa984ceca1ac32340f53be9f7e7eee77212fa6192b03c677f7323775f822b916a076caf74a7cf173940021
- SSDEEP
  
  12288:g33KGpVvqisW42Vj4Y1x6NqWHXzVhUIxFYv7PFBUJ/uLlbC/k:6VDTFrQRRxs7hLlT
Score

10^/10

guloader discovery downloader
- Guloader family
  guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  12b140583e3273ee1f65016becea58c4
- SHA1
  
  92df24d11797fefd2e1f8d29be9dfd67c56c1ada
- SHA256
  
  014f1dfeb842cf7265a3644bc6903c592abe9049bfc7396829172d3d72c4d042
- SHA512
  
  49ffdfa1941361430b6acb3555fd3aa05e4120f28cbdf7ceaa2af5937d0b8cccd84471cf63f06f97cf203b4aa20f226bdad082e9421b8e6b62ab6e1e9fc1e68a
- SSDEEP
  
  192:gFiQJ77pJp17C8F1A5xjGNxrgFOgb7lrT/nC93:E7pJp48F2exrg5F/C
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader

behavioral3

behavioral4