guloader | 1d14530ab788faba0a913bcc7ea99fc1b3490af1012055b07a41fe1adeded52a | Triage

Sharing

General

Target

JaffaCakes118_1d14530ab788faba0a913bcc7ea99fc1b3490af1012055b07a41fe1adeded52a
Size

228KB
Sample

241230-1p7gfazqaq
MD5

41e395214dc799539f401096f8a1728d
SHA1

f9beb696849f589a8b5054b87b838e082007c4a2
SHA256

1d14530ab788faba0a913bcc7ea99fc1b3490af1012055b07a41fe1adeded52a
SHA512

2a6cb1318ed0a50e291f70bb49e7e8a653ea44bd1bbd61a9667aaf7f9f6ea7240d970e30ee8dc04592e0f6c20e91d498e27e9665113efab23900b2db11f264a7
SSDEEP

6144:FsDF0/GYZVo8c921xl9oIq5F76TL14TRnZ:8m+vY1xl9O/S14TRZ

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  5e067ac9e724e3d2b2d2378c453c2e4490ebf4f1fe5a23978a6ee2bd1bdbe4dd
- Size
  
  312KB
- MD5
  
  d4176aac3d797b138a16351a243e2b73
- SHA1
  
  4f70a89cea0f2b90f954de38e0743c522f8d999a
- SHA256
  
  5e067ac9e724e3d2b2d2378c453c2e4490ebf4f1fe5a23978a6ee2bd1bdbe4dd
- SHA512
  
  dcd6ed5abb2c66fac4842fe40bf2c1c6b44be88e6c238a3802ae96d513fd27413f12f26f28b237d9c9700a943030ff0332b571656fb7eb2f912af0cd76917fe8
- SSDEEP
  
  6144:rbE/HUyscQZVfFt4jPvLvvjqhw5ZLajqqIZrJrZ:rbe1QJmjHrvjO7jqqIlL
Score

10^/10

discovery guloader downloader
- Guloader family
  guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdiscoverydownloader

behavioral3

behavioral4