guloader | 4d5dafcd58879d4855fe468b8930b1fb39744371f338a27ffe26efb56555b12e | Triage

Submit
Reports

Overview

overview

Static

static

3

490f912a00...18.exe

windows7-x64

5

490f912a00...18.exe

windows10-2004-x64

Sharing

General

Target

490f912a000e2da93b240765e76ed308_JaffaCakes118
Size

48KB
Sample

240516-chyzqafh83
MD5

490f912a000e2da93b240765e76ed308
SHA1

1314b561dbed543b969aebb8ed60f07bfe7152e2
SHA256

4d5dafcd58879d4855fe468b8930b1fb39744371f338a27ffe26efb56555b12e
SHA512

69fba90b288a52c0dc311d897ab17f7275ce15e88ead1e7b3fd8b636925ce7dbf0599a2014dab9812f1b2dd3692add754c871936b31c28c880f4a01a85bf2333
SSDEEP

768:YnrkN2548wvAECw90JO5x30n0ajjrRAao6T24cUH8Ge:UrkN2548w5CwWJO5d0nPrRFo6S4R+

Score

10^/10

guloader downloader guloader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

490f912a000e2da93b240765e76ed308_JaffaCakes118.exe

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

490f912a000e2da93b240765e76ed308_JaffaCakes118.exe

Resource

win10v2004-20240426-en

guloader downloader guloader

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

guloader

C2

https://onedrive.live.com/download?cid=E3F864783437E54C&resid=E3F864783437E54C%21120&authkey=AJxvhb5E2TNcfSY

xor.base64

Targets

- Target
  
  490f912a000e2da93b240765e76ed308_JaffaCakes118
- Size
  
  48KB
- MD5
  
  490f912a000e2da93b240765e76ed308
- SHA1
  
  1314b561dbed543b969aebb8ed60f07bfe7152e2
- SHA256
  
  4d5dafcd58879d4855fe468b8930b1fb39744371f338a27ffe26efb56555b12e
- SHA512
  
  69fba90b288a52c0dc311d897ab17f7275ce15e88ead1e7b3fd8b636925ce7dbf0599a2014dab9812f1b2dd3692add754c871936b31c28c880f4a01a85bf2333
- SSDEEP
  
  768:YnrkN2548wvAECw90JO5x30n0ajjrRAao6T24cUH8Ge:UrkN2548w5CwWJO5d0nPrRFo6S4R+
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

guloaderdownloaderguloader

© 2018-2024

Terms | Privacy