guloader | f2cbbe857d50e6efea135d352b3a94aef0a3ba8ddb312338162fe1865c994014 | Triage

Sharing

General

Target

f2cbbe857d50e6efea135d352b3a94aef0a3ba8ddb312338162fe1865c994014
Size

392KB
Sample

240707-f4w9ssvcqk
MD5

5fa3825f066a4dd7874aa7af89f76dec
SHA1

523aa0bed3efd0f93f1589b2dc8cbda8863be802
SHA256

f2cbbe857d50e6efea135d352b3a94aef0a3ba8ddb312338162fe1865c994014
SHA512

41802c47d0643195649a1e245270170fe1171707c82d514c78e5293c9fe0652144cf894802f8e65600868947966fffa9d02b1d9673bfcf8e133a1857837bbdaa
SSDEEP

6144:eC2/PdUNW63g/iZSHnN0/r8GjdxiUc4IFfswLQWNWxeuyAQhiYFnscNLF6QM:aF/633QHN0/J6FfswL1qeubQhRFsusn

Score

10^/10

guloader downloader

Malware Config

Targets

- Target
  
  f2cbbe857d50e6efea135d352b3a94aef0a3ba8ddb312338162fe1865c994014
- Size
  
  392KB
- MD5
  
  5fa3825f066a4dd7874aa7af89f76dec
- SHA1
  
  523aa0bed3efd0f93f1589b2dc8cbda8863be802
- SHA256
  
  f2cbbe857d50e6efea135d352b3a94aef0a3ba8ddb312338162fe1865c994014
- SHA512
  
  41802c47d0643195649a1e245270170fe1171707c82d514c78e5293c9fe0652144cf894802f8e65600868947966fffa9d02b1d9673bfcf8e133a1857837bbdaa
- SSDEEP
  
  6144:eC2/PdUNW63g/iZSHnN0/r8GjdxiUc4IFfswLQWNWxeuyAQhiYFnscNLF6QM:aF/633QHN0/J6FfswL1qeubQhRFsusn
Score

10^/10

guloader downloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Banner.dll
- Size
  
  4KB
- MD5
  
  d65d779d22e2d4556b6d6ce717e54da3
- SHA1
  
  d2be64d2a1d2a66963daa2a02ffcb5471b580fe1
- SHA256
  
  758a49ba0825f8cc82421e2cd89282358994b377be6c402f2be007ab678911f7
- SHA512
  
  7fe752e79a5b782bb7c8fe2bf535d9bd97119a983f86083d83b5646e25fa8e83ab9fd8e6068b4cd053f4b391b4448067542bf71799418596c0da20272b462114
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/BgImage.dll
- Size
  
  7KB
- MD5
  
  350a507070ed063ac6a511aeef67861a
- SHA1
  
  cf647b90a1212e090f1d236d1b50a5010cbf3bae
- SHA256
  
  5c66abd3f06eaa357ed9663224c927cf7120dca010572103faa88832bb31c5ab
- SHA512
  
  cde5747cc8539625e4262afad9699ce4e8325133d7ed7f47b9d46989a7aa0d2cc2488441acc57368f485ef1dd3e02b9ef2faa642f68e9f1db53a39e0f896d468
- SSDEEP
  
  96:8eE0AKTIfv7QCUsthvNL85s4lk38Eb3CDfvEh8uLzqkwnLiEQjJ3KxkP:tWBfjbUA/85q3wEh8uLmjLpmP
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  2ae993a2ffec0c137eb51c8832691bcb
- SHA1
  
  98e0b37b7c14890f8a599f35678af5e9435906e1
- SHA256
  
  681382f3134de5c6272a49dd13651c8c201b89c247b471191496e7335702fa59
- SHA512
  
  2501371eb09c01746119305ba080f3b8c41e64535ff09cee4f51322530366d0bd5322ea5290a466356598027e6cda8ab360caef62dcaf560d630742e2dd9bcd9
- SSDEEP
  
  192:vPtkumJX7zB22kGwfy0mtVgkCPOsE1un:k702k5qpdsEQn
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  13b6a88cf284d0f45619e76191e2b995
- SHA1
  
  09ebb0eb4b1dca73d354368414906fc5ad667e06
- SHA256
  
  cb958e21c3935ef7697a2f14d64cae0f9264c91a92d2deeb821ba58852dac911
- SHA512
  
  2aeeae709d759e34592d8a06c90e58aa747e14d54be95fb133994fdcebb1bdc8bc5d82782d0c8c3cdfd35c7bea5d7105379d3c3a25377a8c958c7b2555b1209e
- SSDEEP
  
  96:oyqZ4zC5RH3cXX1LlYlRowycxM2DjDf3GEst+Nt+jvDYx4yqndYHnxss:oyq+CP3uKrpyREs06YxKdGn
Score

3^/10
behavioral10 behavioral9

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

guloaderdownloader

behavioral2

guloaderdownloader

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10