MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0404e53e7d82a26aef1df74ed6c2c620ba90fc9ad7a14401869f100f1e0ee21c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


GuLoader


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0404e53e7d82a26aef1df74ed6c2c620ba90fc9ad7a14401869f100f1e0ee21c
SHA3-384 hash: 5cb76ee1d1777bce166561c0398584a792c9634e937167d006c5daf7cc68bf4bb06155b89f75304f01d0bca962ad6233
SHA1 hash: e847a9e9d1493e90c9c5eeab267f87ba26deab00
MD5 hash: b69fbb741ed0e941867aabc90dc0dcaa
humanhash: vermont-river-magazine-uranus
File name:2020-30.zip
Download: download sample
Signature GuLoader
Create hunting rule
File size:25'326 bytes
First seen:2020-04-30 07:24:46 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 384:03q7eaZlKfTa4NyXF/9QF4mwnBWCCIlSq7R8Uq7Eo3RHq2tk/LTIwNZFSB3:6q7DZlsgX99QSwCqq7KUmn302aE7
TLSH 4AB2D00956B9203E87323FF1D8662A0338540DB779FADBA64D11276F4CF974449C46AF
Reporter cocaman
Tags:GuLoader zip


Avatar
cocaman
Malicious email
From: "Shipping Dep." <chungcha@mail.co>
Received: from slot0.erageran.xyz (slot0.erageran.xyz [45.95.169.208])
Date: Thu, 30 Apr 2020 00:12:24 -0700
Subject: shipping advice
Attachment: 2020-30.zip

Intelligence

File Origin
# of uploads :
1
# of downloads :
74
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Win.Trojan.VBGeneric-7726563-0
Create hunting rule

Win.Dropper.Fareit-7726574-0
Create hunting rule

Gathering data
Threat name:
Win32.Trojan.Injector
Create hunting rule
Status:
Malicious
First seen:
2020-04-30 04:54:34 UTC
File Type:
Binary (Archive)
Extracted files:
7
AV detection:
6 of 48 (12.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=aqcokpt5qkrgv3y565hnnqwgec5jb7e226quiamgt4ia6hqo4ioa._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

zip 0404e53e7d82a26aef1df74ed6c2c620ba90fc9ad7a14401869f100f1e0ee21c

(this sample)

GuLoader

Executable exe e51717961da9bde7f677cfec8ff187cbef56401334a87b2d45a0f2ef27c8cb44

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 e51717961da9bde7f677cfec8ff187cbef56401334a87b2d45a0f2ef27c8cb44

Comments