MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 27d58f27e83c7301c5dffe565551fd95f21cf2325510ae9f5f70392f05d45c5e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GuLoader


Vendor detections: 3



SHA256 hash: 27d58f27e83c7301c5dffe565551fd95f21cf2325510ae9f5f70392f05d45c5e
SHA3-384 hash: 2d9545015b31bea9a72f175f647540d8b023dcdcac0bdd869f0dc652bf391313a8f8bf898102f846b5018af8a001facc
SHA1 hash: cb4fde3e704cada31fdf6fe2aa1cdee2d3155df4
MD5 hash: bb8fb2dae7f40e351390241d355b880d
humanhash: yankee-thirteen-harry-vegan
File name: PRE-ORDER #8695769479.IMG
Signature: GuLoader
File size: 1'245'184 bytes
First seen: 2020-05-14 04:30:06 UTC
Last seen: Never
File type: img
MIME type: application/x-iso9660-image
ssdeep: 768:zCRrBUWfY4RFQe8AdCq5tLCU5dTGcwcYBFjrk235GIAYgzRZ/r3C0X7NL:zCRrvQeZR5V5dSc1YBj5GIJ+xlL
TLSH: 01454B23B7D8947BD2148B743F758BE4466BFC3015224A4FB58C3B1F2B3AA4259B065E
Reporter: cocaman
Tags: GuLoader img


cocaman
Malicious email
From: =?UTF-8?Q?Latiff=C2=A0_Cui_-_Sales_M?= <yuri@bigpcnd.net>
Received: from box.bigpcnd.net (box.bigpcnd.net [104.168.136.135])
Date: Thu, 14 May 2020 00:42:49 +0100
Subject: CHINESE MARVEL IMPEX COMPANY ~ PRE-ORDER REQUEST
Attachment: PRE-ORDER #8695769479.IMG

Intelligence


File Origin
# of uploads: 1
# of downloads: 80
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Injector
Status: Malicious
First seen: 2020-05-14 04:35:31 UTC
File Type: Binary (Archive)
Extracted files: 7
AV detection: 15 of 31 (48.39%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

img 27d58f27e83c7301c5dffe565551fd95f21cf2325510ae9f5f70392f05d45c5e (this sample)

Delivery method: Distributed via e-mail attachment
