guloader | 3d1067331b7bed8a818ca2efcec2136667f2a180d0ee716a6f9b475e9df2fd7d | Triage

Sharing

General

Target

49b298624de14b573163b90397130419.exe
Size

1.0MB
Sample

250225-qy43kaxqs6
MD5

49b298624de14b573163b90397130419
SHA1

013b0fe9893158822f141113dfe46cd924e2a443
SHA256

3d1067331b7bed8a818ca2efcec2136667f2a180d0ee716a6f9b475e9df2fd7d
SHA512

b21c95d074e2c55b2e0f58a6158c1b393f84dab10c79a4fcfa0b86e4a69e29c2052fac8ecfb5448032a833f379c683d1ac79754ad04226a0086139f5005aedd8
SSDEEP

24576:LzOEC045nLnc5hdrvxFqJ+ZIEDw4vNG5Hgapn:eEeFLu12J+lktNge

Score

10^/10

guloader discovery downloader

Malware Config

Targets

- Target
  
  49b298624de14b573163b90397130419.exe
- Size
  
  1.0MB
- MD5
  
  49b298624de14b573163b90397130419
- SHA1
  
  013b0fe9893158822f141113dfe46cd924e2a443
- SHA256
  
  3d1067331b7bed8a818ca2efcec2136667f2a180d0ee716a6f9b475e9df2fd7d
- SHA512
  
  b21c95d074e2c55b2e0f58a6158c1b393f84dab10c79a4fcfa0b86e4a69e29c2052fac8ecfb5448032a833f379c683d1ac79754ad04226a0086139f5005aedd8
- SSDEEP
  
  24576:LzOEC045nLnc5hdrvxFqJ+ZIEDw4vNG5Hgapn:eEeFLu12J+lktNge
Score

10^/10

guloader discovery downloader
- Guloader family
  guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  3f176d1ee13b0d7d6bd92e1c7a0b9bae
- SHA1
  
  fe582246792774c2c9dd15639ffa0aca90d6fd0b
- SHA256
  
  fa4ab1d6f79fd677433a31ada7806373a789d34328da46ccb0449bbf347bd73e
- SHA512
  
  0a69124819b7568d0dea4e9e85ce8fe61c7ba697c934e3a95e2dcfb9f252b1d9da7faf8774b6e8efd614885507acc94987733eba09a2f5e7098b774dfc8524b6
- SSDEEP
  
  192:OPtkumJX7zB22kGwfy0mtVgkCPOsX1un:/702k5qpdsXQn
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

guloaderdiscoverydownloader

behavioral2

guloaderdiscoverydownloader

behavioral3

behavioral4