guloader | 604e264d21abd35ab5bd848b647d03eec183e34d813352a5734c4dd3063ba22f | Triage

Submit
Reports

Overview

overview

Static

static

3

19dbe94b76...18.exe

windows7-x64

19dbe94b76...18.exe

windows10-2004-x64

Sharing

General

Target

19dbe94b766de8c0d6d2fddb3583a8a5_JaffaCakes118
Size

52KB
Sample

240628-mz8wcswamd
MD5

19dbe94b766de8c0d6d2fddb3583a8a5
SHA1

38fc91c4d421bc31014197f41c263a036a72af04
SHA256

604e264d21abd35ab5bd848b647d03eec183e34d813352a5734c4dd3063ba22f
SHA512

64e2f379d0bf232fec9de814e722036b536b0427321c59dafd32496de049815ca79df54d367d71588b1119ad0973f990d7292579e7e5426259124c1037dd0b86
SSDEEP

768:dMnHTMEGGzlAE37TPNedqVxKdHKYGmeyvhicia0j:uQEGG57TPduHTsPT

Score

10^/10

guloader downloader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

19dbe94b766de8c0d6d2fddb3583a8a5_JaffaCakes118.exe

Resource

win7-20240221-en

guloader downloader

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

19dbe94b766de8c0d6d2fddb3583a8a5_JaffaCakes118.exe

Resource

win10v2004-20240611-en

guloader downloader

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

guloader

C2

http://www.guardarunners.pt/wp-content/Host_IkaBCwUo229.bin

xor.base64

Targets

- Target
  
  19dbe94b766de8c0d6d2fddb3583a8a5_JaffaCakes118
- Size
  
  52KB
- MD5
  
  19dbe94b766de8c0d6d2fddb3583a8a5
- SHA1
  
  38fc91c4d421bc31014197f41c263a036a72af04
- SHA256
  
  604e264d21abd35ab5bd848b647d03eec183e34d813352a5734c4dd3063ba22f
- SHA512
  
  64e2f379d0bf232fec9de814e722036b536b0427321c59dafd32496de049815ca79df54d367d71588b1119ad0973f990d7292579e7e5426259124c1037dd0b86
- SSDEEP
  
  768:dMnHTMEGGzlAE37TPNedqVxKdHKYGmeyvhicia0j:uQEGG57TPduHTsPT
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader

© 2018-2024

Terms | Privacy