MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0e8e1a3fd2a1f323ebf48b5efb5ccfa6fad282c8606bb258e306a3b476feea0c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GuLoader


Vendor detections: 3



SHA256 hash: 0e8e1a3fd2a1f323ebf48b5efb5ccfa6fad282c8606bb258e306a3b476feea0c
SHA3-384 hash: 1e64321697fa39d9a9ad1f0fd059c090fef59f262ea293aaf301606ce53d6888611d4677d459dd5f9fa25e25b11ae984
SHA1 hash: 5cd841b8895201da76ae46e7b46971a61238c701
MD5 hash: f6e9ef2046c66a4e5483df7fc0a9ac64
humanhash: apart-alpha-march-nineteen
File name: DHL001173990273892PDF.iso
Signature: GuLoader
File size: 1'019'904 bytes
First seen: 2020-05-12 07:30:04 UTC
Last seen: Never
File type: iso
MIME type: application/x-iso9660-image
ssdeep: 12288:eg0JHX+nO5nqQM1V4kWDSMzjlSkTzvGvKoqbJKSgb3rC:M+nOcQGZWnlSkPGUJHW3rC
TLSH: E925AE333A829039C46D427180BD9AE6E63B3A853B56CA9F718FA31C5FC315B7B5118D
Reporter: cocaman
Tags: GuLoader iso


cocaman
Malicious email
From: DHL EXPRESS LIEFERUNG <dexter.ramirez_brenes@dhl.com>
Received: from lh016.interdominios.com (lh016.interdominios.com [89.248.106.15])
Date: Tue, 12 May 2020 09:23:51 +0200
Subject: DB_DHL_AWB_00117390021 / AD
Attachment: DHL001173990273892PDF.iso

Intelligence


File Origin
# of uploads: 1
# of downloads: 78
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Kryptik
Status: Malicious
First seen: 2020-05-12 07:53:18 UTC
File Type: Binary (Archive)
Extracted files: 4
AV detection: 15 of 31 (48.39%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

iso 0e8e1a3fd2a1f323ebf48b5efb5ccfa6fad282c8606bb258e306a3b476feea0c

(this sample)

  
Delivery method: Distributed via e-mail attachment
