guloader | b0a39c9667944f066ff4d59094a1cad331587236ea385d4ecc48b647236ad427 | Triage

Submit
Reports

Overview

overview

Static

static

3

0f1a5666c9...18.exe

windows7-x64

0f1a5666c9...18.exe

windows10-2004-x64

Sharing

General

Target

0f1a5666c9775d2b44dda70de661bb7d_JaffaCakes118
Size

100KB
Sample

240625-w6y46sycjm
MD5

0f1a5666c9775d2b44dda70de661bb7d
SHA1

4b825c8c20c58ab6d109035d0168af633cefbca7
SHA256

b0a39c9667944f066ff4d59094a1cad331587236ea385d4ecc48b647236ad427
SHA512

1d84b0088d4f7858d379f6e0084ce889b31175695b522af51a2d5ea1658a082ab6704a1822b9267b3b418139f40a3fa0ae7f8b5609a9f4bacd6318722406319f
SSDEEP

1536:ug0+Rd+TotduPhWqdRiz3L736JdWSoZKfR6zuE:rdIPJ5R8L7qHWSA

Score

10^/10

guloader downloader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0f1a5666c9775d2b44dda70de661bb7d_JaffaCakes118.exe

Resource

win7-20240611-en

guloader downloader

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

0f1a5666c9775d2b44dda70de661bb7d_JaffaCakes118.exe

Resource

win10v2004-20240611-en

guloader downloader

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

guloader

C2

http://mtspsmjeli.sch.id/cl/XP_remcos%202021_HzUYr10.bin

xor.base64

Targets

- Target
  
  0f1a5666c9775d2b44dda70de661bb7d_JaffaCakes118
- Size
  
  100KB
- MD5
  
  0f1a5666c9775d2b44dda70de661bb7d
- SHA1
  
  4b825c8c20c58ab6d109035d0168af633cefbca7
- SHA256
  
  b0a39c9667944f066ff4d59094a1cad331587236ea385d4ecc48b647236ad427
- SHA512
  
  1d84b0088d4f7858d379f6e0084ce889b31175695b522af51a2d5ea1658a082ab6704a1822b9267b3b418139f40a3fa0ae7f8b5609a9f4bacd6318722406319f
- SSDEEP
  
  1536:ug0+Rd+TotduPhWqdRiz3L736JdWSoZKfR6zuE:rdIPJ5R8L7qHWSA
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader

© 2018-2024

Terms | Privacy