guloader | 4db19ede54a1426392611861297274b218816b9d9cd5d356e9484bafd8f72ebc | Triage

Sharing

General

Target

b91e2027258fdfb4ef890b9ce4309231_JaffaCakes118
Size

184KB
Sample

241202-tv6nrsxnap
MD5

b91e2027258fdfb4ef890b9ce4309231
SHA1

bd9bdfa77471be6726c287ca0153f054631cab0a
SHA256

4db19ede54a1426392611861297274b218816b9d9cd5d356e9484bafd8f72ebc
SHA512

fd5b7b832a0f190a02735057d772d43d0421a244b6ac8508e9533f5800102d6fcc1ece611b27f84bf205b256676402b9e685be926d3e5b0eea66311cc7afbcbd
SSDEEP

1536:h6Q81Lp72+X1oXQnn7nUp1HXOcI5tLBua5q6pnFcZFca1GgHh2LBqZk:hmR9oXk7nf31dpFe1GgHhUBqZk

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  Booking+confirmation_PNR-Ref228C3290-12450-76123--BLMEDUU0610003--EBKG016897656.exe
- Size
  
  96KB
- MD5
  
  4f91666918086ef56d0fccf8735d42a4
- SHA1
  
  e12eba5747ba019c4032a7204e973a9f0ed59a7b
- SHA256
  
  3a35948de46b5dc5ab529c01c835607edbfb768d937e49d96bbf24586d01a7d7
- SHA512
  
  fd938d26245a20b1d8d9ee74ed22b5da8e28ad0c6e8e42f1dfe8944fdc5e216d1261b31d97f00ddd72885a231792ca419985c08b9812b5fb9703deda7aad324e
- SSDEEP
  
  1536:kBLUiQMEXdfwKv7sfOhxs7ydbbhCvtrQ/dumxfI:gEbDIKjdblCvhQ7xg
Score

10^/10

guloader discovery downloader
- Guloader family
  guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader