guloader | a1c17c59ff96629a89e6690e6d52e0476db20b23d5fc1ae9cbe18867aee01dc5 | Triage

Sharing

General

Target

JaffaCakes118_a1c17c59ff96629a89e6690e6d52e0476db20b23d5fc1ae9cbe18867aee01dc5
Size

201KB
Sample

241228-2cxbdatnfp
MD5

6fd354ab131bcedf8558d019a3b485ce
SHA1

2abb4c9933db5906e18f849de945c22890593675
SHA256

a1c17c59ff96629a89e6690e6d52e0476db20b23d5fc1ae9cbe18867aee01dc5
SHA512

171b351e28c2a95e2be002613efebb012654a90995145810d935e976aecda287a5290a280e2e0bf66f09d5278d26f247cdfc1a9274280b77add8cb0af2433861
SSDEEP

6144:Ut08t1aDkwSAri5HGUcW7ZIRcovgbcXv6ambW8Lz:UCbDkwxrMPD7aRcovHXv6DSI

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  bb27d4e0e5db3a83d42af246914e2f12c1cb3276c38b04ab429460af33cc7eda
- Size
  
  296KB
- MD5
  
  41c1ae130642a5924d7360365d0c92ac
- SHA1
  
  e437bd0353385a88f4c15bd430e90e583b734a70
- SHA256
  
  bb27d4e0e5db3a83d42af246914e2f12c1cb3276c38b04ab429460af33cc7eda
- SHA512
  
  e0b9e03cd21cdabfec3eafce2638297b68bc5087cbd6e8e34d007aae0d3fcc2fc1508db47455ba2bb67a14f1f3779cf35c546df2126925c7239251822574b117
- SSDEEP
  
  6144:/Dfe/ZReCl/KZwyZXgADnXBK7PKGVI4y8A:jhyPUXgADxKTKII4VA
Score

10^/10

guloader discovery downloader
- Guloader family
  guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Math.dll
- Size
  
  66KB
- MD5
  
  70ba99745542354a2efcb1c2f167b62b
- SHA1
  
  8b18bc8d3e6e52222baef7ab7ab125436ef5c966
- SHA256
  
  711427242bff919c78fbba2b298b5d5898f75d73f1d7f4c4eb22badf525864a5
- SHA512
  
  e3504a8d8d2b8793078f6a1f6297fb4c017eaee58360882ea063ab717d11841f2effcec1ba6fada449d1cc491dea35c9a9512237fcdfaf6b55f70f95e9a4d085
- SSDEEP
  
  1536:LP4nWYcvlq0oam+2MwRmbeqFVybIZlITtOvR:Lw6q05oQytS
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  792b6f86e296d3904285b2bf67ccd7e0
- SHA1
  
  966b16f84697552747e0ddd19a4ba8ab5083af31
- SHA256
  
  c7a20bcaa0197aedddc8e4797bbb33fdf70d980f5e83c203d148121c2106d917
- SHA512
  
  97edc3410b88ca31abc0af0324258d2b59127047810947d0fb5e7e12957db34d206ffd70a0456add3a26b0546643ff0234124b08423c2c9ffe9bdec6eb210f2c
- SSDEEP
  
  192:rFiQJ771Jt17C8F1A5xjGNNvgFOiLb7lrT/L93:X71Jt48F2eNvgFF/L
Score

3^/10

discovery
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader

behavioral3

behavioral4

behavioral5

behavioral6