MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bc509742fbacb00e1217a18d6b4f1229580f599e947733b4fb1cd047b1eebdf0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GuLoader


Vendor detections: 3



SHA256 hash: bc509742fbacb00e1217a18d6b4f1229580f599e947733b4fb1cd047b1eebdf0
SHA3-384 hash: 3e99abfb0b33f8dbfb37d2446a6ca88b0b8001513b7cab44065a564f60b1c8ab1355b45ab7cf427c305d6538dd7e6857
SHA1 hash: d00b2e623f28608544ac6d50b6426ae59f33429c
MD5 hash: 464a394372dc591637040d926c72eb12
humanhash: spaghetti-early-white-illinois
File name: SecuriteInfo.com.Malware.14211
Signature: GuLoader
File size: 114'688 bytes
First seen: 2020-05-25 16:12:08 UTC
Last seen: 2020-05-25 16:46:52 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 85390626c1945ac49ab04413e023375c (1 x GuLoader)
ssdeep: 768:9kIAcCNwOT179Hu2rU2uPzyzCxirK9X1FOmCNzFSryZy8/7nf8cFKf7PXpc3tB:OIWN62rgzKCxiOJTCKrq/7kcFqbXpQ
Threatray: 64 similar samples on MalwareBazaar
TLSH: EEB31757B5C5CCF5EF745FF2083160B51E5AAC221D024F8B2082BA1F5D3B99B69E2236
Reporter: SecuriteInfoCom
Tags: GuLoader

Intelligence


File Origin
# of uploads: 2
# of downloads: 71
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Injector
Status: Malicious
First seen: 2020-05-25 13:01:24 UTC
File Type: PE (Exe)
Extracted files: 4
AV detection: 21 of 31 (67.74%)
Threat level: 2/5
Result
Malware family: n/a
Score: 5/10
Tags: n/a
Behaviour
Suspicious use of SetWindowsHookEx
Suspicious use of NtSetInformationThreadHideFromDebugger
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
