guloader | c05e5a9a77bcf8cb8ee558074692d7932e5abacf3485530246c434810864c621 | Triage

Sharing

General

Target

JaffaCakes118_c05e5a9a77bcf8cb8ee558074692d7932e5abacf3485530246c434810864c621
Size

133KB
Sample

241225-sfbz6swmgk
MD5

059c0a69e93d5f3f85168d768757e514
SHA1

fe62155785d443c840d983d1081885e22a10b87e
SHA256

c05e5a9a77bcf8cb8ee558074692d7932e5abacf3485530246c434810864c621
SHA512

4ceb198eec5368bf464f9e6d9478356af1bdded460fa36a770425dfbf4451ca0266447eafbf926fec7ece284a2dd53ee26cf863262b1ea9adfa7721ec2301d92
SSDEEP

3072:guTHhOYbk5we5vPORfq13iJZ7Kdu5zQk4c1G3ENIZ9FmuKwn9w:guUYV+vPOxqIKg8k4c8yI/4cn9w

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  6fbdfa1e431f6fcabcd9ff1153df4f394b751f250c0e1c67db11164928618399
- Size
  
  148KB
- MD5
  
  d2b3b996eae76e4f9dab220899ef60ab
- SHA1
  
  9640ef487ec37202ef531541cdc0297cc3db5fb9
- SHA256
  
  6fbdfa1e431f6fcabcd9ff1153df4f394b751f250c0e1c67db11164928618399
- SHA512
  
  25375a8d2324aecf3f436ea3e2c71ff14af3a96b0d6a5b1c935dcc25be4d4a2934f97b76f24762d5d7b409f296ef478b81b4ac5a5e07ca35f43064e4c3e50900
- SSDEEP
  
  3072:4bG7N2kDTHUpouaVb86ZCPTtSWsw3Rs+P2JYjIFBX6R47onlBXlLmCcIDEQ:4bE/HUM8oC+oP4bFQR4ElBX1cfQ
Score

10^/10

guloader discovery downloader
- Guloader family
  guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader

behavioral3

behavioral4