guloader | 01e0379caa88a56f130a6a53efc07f1eeff553fb805490869703aae50af99ef9 | Triage

Sharing

General

Target

01e0379caa88a56f130a6a53efc07f1eeff553fb805490869703aae50af99ef9
Size

112KB
Sample

250127-xtt55asngq
MD5

1ae33f07393620a97cba69ccb379b46a
SHA1

46f3190bd736e151225efcbf231d75853c79bdbc
SHA256

01e0379caa88a56f130a6a53efc07f1eeff553fb805490869703aae50af99ef9
SHA512

ea9ce074a57a078f017a9a35933bfeaed04f84b78b02f9915387f368b93e511498c5c8fe7c894b77256eee06e8eac9121f9626ca580e71d9e5129561528e96fb
SSDEEP

1536:/Wy2Nwx6QzlpuLogVczfA0QD5+bbNqnKVNzXWy2Nwx0Wy2NwxPNz:CAEDVchQFmP0

Score

10^/10

guloader discovery downloader

Malware Config

Extracted

Family

guloader

C2

http://mtspsmjeli.sch.id/cl/XP_remcos%202021_HzUYr10.bin

xor.base64

Targets

- Target
  
  01e0379caa88a56f130a6a53efc07f1eeff553fb805490869703aae50af99ef9
- Size
  
  112KB
- MD5
  
  1ae33f07393620a97cba69ccb379b46a
- SHA1
  
  46f3190bd736e151225efcbf231d75853c79bdbc
- SHA256
  
  01e0379caa88a56f130a6a53efc07f1eeff553fb805490869703aae50af99ef9
- SHA512
  
  ea9ce074a57a078f017a9a35933bfeaed04f84b78b02f9915387f368b93e511498c5c8fe7c894b77256eee06e8eac9121f9626ca580e71d9e5129561528e96fb
- SSDEEP
  
  1536:/Wy2Nwx6QzlpuLogVczfA0QD5+bbNqnKVNzXWy2Nwx0Wy2NwxPNz:CAEDVchQFmP0
Score

10^/10

discovery guloader downloader
- Guloader family
  guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

guloaderdiscoverydownloader