MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 76052e413d0120276d1e89e3af17283c7aad265934e5f44bd7238510e4975b86. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GuLoader


Vendor detections: 3



SHA256 hash: 76052e413d0120276d1e89e3af17283c7aad265934e5f44bd7238510e4975b86
SHA3-384 hash: c88272d016dcd09a8381f16de4fe5b44be193c69216d137be2dc2e7a9466e8827552a8ae187b943c014f5004b94b1b81
SHA1 hash: 0bbab7929156fb56d330c391cb0efe0c1159a68c
MD5 hash: 443648ebde7a94a4acc9f44bf9e563d9
humanhash: coffee-quebec-single-south
File name: File.zip
Signature: GuLoader
File size: 76'533 bytes
First seen: 2020-06-04 06:03:42 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 1536:HUUUbPgpPbyIkK5Wm6k0+p0OO9qXp2kBlBIkSW5BqdnE4B+:CY35FD5p0OVXp2MBSWiHB+
TLSH: D973128891A0766A234C63B3C7D4E8BD0F153BB476E4300795A9F7F15CCE2345AA6267
Reporter: abuse_ch
Tags: GuLoader, zip


abuse_ch
Malspam distributing GuLoader:

HELO: slot0.evstones.com
Sending IP: 45.95.169.27
From: Nicole Gapes<info@evstones.com>
Reply-To: gapes.nicole@yahoo.com
Subject: Property Purchase & Leasing
Attachment: File.zip (contains "File.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 58
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Fareit
Status: Malicious
First seen: 2020-06-04 04:32:46 UTC
AV detection: 26 of 48 (54.17%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

zip 76052e413d0120276d1e89e3af17283c7aad265934e5f44bd7238510e4975b86 (this sample)

Dropping: GuLoader
Delivery method: Distributed via e-mail attachment
