guloader | 5b3310fbfadcfffebdaf908f29c351e791b03aa73bcdb813a6eca25b59dadc49 | Triage

Sharing

General

Target

14022025_0136_13022025_Payment13022025000001111928374.gz
Size

555KB
Sample

250214-b1kdlsyqcx
MD5

da700982b9c08a12edd53c9ffaff055a
SHA1

7dc58f1c2a1e8911e90768be0696a7c67738ff03
SHA256

5b3310fbfadcfffebdaf908f29c351e791b03aa73bcdb813a6eca25b59dadc49
SHA512

91fdd09615534b77225c824664850e4221d496b1ee595c4ed42d20490426301da7e77eec26ab342b4bdaa134d0b898d66a8d9ad5a4032e81f97706fc25313955
SSDEEP

12288:dgH1AJ9TeDrRXi4wF/aP69f237TeVWfqNDEWtYu7yfsr:SHK5uI4O/aP698T2bIhxsr

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  Payment13022025000001111928374.exe
- Size
  
  684KB
- MD5
  
  a427b0f23670795d88e895ac89f409ef
- SHA1
  
  1dbbf6026db9fd2a608b9bf20e4ff0d5412586f1
- SHA256
  
  ba0f881b0462cfdac753320699ef91fff494497e9fe3ac5c3b9af951f0e14b4f
- SHA512
  
  a03e1436cbea3061d8e1094294c21103ceb8d5ded2a03194fbe90b41a0c4e0e2753ca449b0d432f38f916897aeba956e6632dc34c91ae910c429a7bb6841369c
- SSDEEP
  
  12288:hDG4hAuAs8nf8gvArebnK9JUnnMam9x3neWTTiiuolhLFz:t2ns8nf8gvue7K9+nM59x3eWf4oLLFz
Score

10^/10

guloader discovery downloader
- Guloader family
  guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Downloads MZ/PE file
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  ee260c45e97b62a5e42f17460d406068
- SHA1
  
  df35f6300a03c4d3d3bd69752574426296b78695
- SHA256
  
  e94a1f7bcd7e0d532b660d0af468eb3321536c3efdca265e61f9ec174b1aef27
- SHA512
  
  a98f350d17c9057f33e5847462a87d59cbf2aaeda7f6299b0d49bb455e484ce4660c12d2eb8c4a0d21df523e729222bbd6c820bf25b081bc7478152515b414b3
- SSDEEP
  
  192:eF24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol9Sl:h8QIl975eXqlWBrz7YLOl9
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader

behavioral3

behavioral4