MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 29343bfdec500d3806edf49730da22199c42573b3ae2b8e0e3534c7687c93b86. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence File information 3 Yara Comments

SHA256 hash: 29343bfdec500d3806edf49730da22199c42573b3ae2b8e0e3534c7687c93b86
SHA1 hash: 4ea33caf0214e73f3b0e46ca78f3188f1a2ae28c
MD5 hash: b7085b8fd3d6a82c6b45ffa6b0aec2d9
File name:b7085b8fd3d6a82c6b45ffa6b0aec2d9.exe
Download: download sample
Signature GuLoader
File size:94'208 bytes
First seen:2020-05-22 10:26:33 UTC
Last seen:2020-05-22 11:46:12 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash f6e1b555757006a1848334d2bcba3395
ssdeep 768:kztoZWj42N4OEqb2NpLDtdfxtMcbx/dJ0pOxOnwYu8dkbr5XmVqXfE:stoIfbCFnfxtMSoHuRRmVz
TLSH 82931966B980D8B2CE704FF15D3285B82867AC711D514A0775CF3E1E6A37A4D98393CB
Reporter @abuse_ch
Tags:exe GuLoader

GuLoader payload URL:


Mail intelligence No data
# of uploads 2
# of downloads 27
Origin country FR FR
ClamAV PUA.Win.Packer.ProtectSharewar-2
VirusTotal:Virustotal results 17.14%
ReversingLabs :No data

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe 29343bfdec500d3806edf49730da22199c42573b3ae2b8e0e3534c7687c93b86

(this sample)

Delivery method
Distributed via web download