guloader | 8ce21356d57afd041db3b68f0247cfaaf553d8708b302b8e8164d720726fbeff | Triage

Sharing

General

Target

JaffaCakes118_534da8d9454d7a3735e6b29b585dd3f2
Size

118KB
Sample

250101-nlgqdswlej
MD5

534da8d9454d7a3735e6b29b585dd3f2
SHA1

d924c38ec06ef9dd287e226a79efa81a6110aca4
SHA256

8ce21356d57afd041db3b68f0247cfaaf553d8708b302b8e8164d720726fbeff
SHA512

35d86e8f94deb5b51e4bd5c09ef741ea95b666176236c71b542e623a8e8c0bcb2ed1f752b1044d69d9cca2cabd4d2b9ee23d413dbcd96a6c7b55d6611e7c53a1
SSDEEP

3072:pJoXNhLWPW3QhUaOaf+1fSmbFUqSkm+/Qo62G49Y/dL:pJodhLWPW3vaf+1qmbF7SS6c9M1

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  PO-DDC50015.exe
- Size
  
  104KB
- MD5
  
  23496e58bf5655705616fe393b7d5adc
- SHA1
  
  50e3dacdc7be16d0adbe4cc2b1d9df5b941ae686
- SHA256
  
  be869d17ee3a219c47d0d68cb6a17086ec8bfd2b189d0cd0fc79b1f0523a2df6
- SHA512
  
  12f763ae5a6ef1dd3dc7712e1939332791906bc0d668f29ccbbb5879878bd0ccd4d8d6e025b8f5dc45e138486edd9daad0e6ea5d8f51c8285e3bbd9c0b2bcbdd
- SSDEEP
  
  1536:yOHrFHi8FgGsGqr/MO1roiuKVovoW1W+zBJDbB5/Z6hl:VL1i8KGsGsT1roihdW4+tJx5M
Score

10^/10

guloader discovery downloader
- Guloader family
  guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader