MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0119e714f6b46e4790dd3944850a5d3fa8b147e258389b17fd900406b9adb5ca. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 0119e714f6b46e4790dd3944850a5d3fa8b147e258389b17fd900406b9adb5ca
SHA1 hash: f7efbf8781ffd5372aba1ef6a165a10ba64a2e5b
MD5 hash: 340eb44b60732938b5451bd1fa610e5a
File name: Order2256215M_pdf.zip
Signature: GuLoader
File size: 24'052 bytes
First seen: 2020-05-22 15:03:24 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 384:KKtUZsGZwSxYJP6clNif1o5KG4buuwIvs1IO6ED2Gph44XBJFmtKJXcKIGG4tWm0:KK9G/xU6clK6KG9Yvs1tzU4XZmKMGsm0
TLSH: 23B2E2B6366415F0690490F8CD341FBB48FBA91F2549AD59C3CF806579F3E59D700E61
Reporter: @abuse_ch
Tags: GuLoader, zip


Twitter
@abuse_ch
Malspam distributing GuLoader:

HELO: qq.com
Sending IP: 183.3.255.184
From: Sales <reservations@ss-wq.com>
Reply-To: pay@sh-soa.com
Subject: New Order (Urgent)
Attachment: Order2256215M_pdf.zip (contains "Order#2256215M_pdf.exe")

Intelligence


Mail intelligence
Trap location: Global
Impact: Low

# of uploads: 1
# of downloads: 23
Origin country: US
ClamAV: Sanesecurity.Malware.25815.ZipHeur.BadExt.UNOFFICIAL, Sanesecurity.Malware.25190.ZipHeur.UNOFFICIAL
VirusTotal: Virustotal results 30.30%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam
GuLoader
zip 0119e714f6b46e4790dd3944850a5d3fa8b147e258389b17fd900406b9adb5ca (this sample)

Dropping: GuLoader
Delivery method: Distributed via e-mail attachment
