guloader | cde69abea1397fb63bd025093f5b65e71cf9e84ab47df04ab037e25a28d1e902 | Triage

Sharing

General

Target

JaffaCakes118_725f29d6e3b2dd6be3e04f7a1914cf4a
Size

304KB
Sample

250103-2k3s5axlct
MD5

725f29d6e3b2dd6be3e04f7a1914cf4a
SHA1

dc2c9cfc2f134917a087a1bd9e429cf4e608daef
SHA256

cde69abea1397fb63bd025093f5b65e71cf9e84ab47df04ab037e25a28d1e902
SHA512

78b6bb9547decfed6375ed732bcb39e1226b5fad320617a499b5ce31788f78a4bb09bfb2e1f36892e3a8e31c4c7880a5cd0798869b9df5e8aecfc8d1db7190dd
SSDEEP

3072:5YkeSWJ1aczful3Mf0SZpVjLwgCKVBJFJPycPX1I:5HebuLShQgTPJFJqc/i

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  fFINAL_SHIPPING-BILLS-Reg-99383000002292-EXPORTSDEPARTMENT.exe
- Size
  
  153KB
- MD5
  
  36e2c9a708acc771572b29b4e81dfa2a
- SHA1
  
  e99510061e765e1283cf411bf4e951a9ede31da5
- SHA256
  
  f4c6312482b7e30f45864de3a418e9a4f530c3187d63ab2885513d4efad002b8
- SHA512
  
  70fd08d99ad29701de934f62741d6dace4d18d2fbeff6625aeefa66a525410ab2c0e093178a066dda482a811b98d6dc970191c7aa1c74d4486e17bdbc0ccdc5b
- SSDEEP
  
  1536:LcIbLiBjHQgb7+YNSKCltIkP++YnCMobJ9Rv5yDK0Of43h7f:LiBjwCJctIkP++HrbTye0OfEf
Score

10^/10

guloader discovery downloader
- Guloader family
  guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader