MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 407782bc40bc6bd6f7f55e2e4622d98af110d7c025314b0752dcf7a8aa8d1ef5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


GuLoader


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 407782bc40bc6bd6f7f55e2e4622d98af110d7c025314b0752dcf7a8aa8d1ef5
SHA3-384 hash: d6cffa4cdb01c507b6cb0c567c69b4e94b156e6336fdb2664d25ba5753c09775fb19891bcd4914ac451d8d799afd5748
SHA1 hash: d6abc2b42f4d5e8966a5c40534f1a907c930ad95
MD5 hash: d37eb2e1e4fcda5fad5e7fbde35ee696
humanhash: fix-finch-pennsylvania-butter
File name:IV-200547.zip
Download: download sample
Signature GuLoader
Create hunting rule
File size:23'447 bytes
First seen:2020-05-12 16:15:15 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 384:spgq9h6PJmX1dCv6agRRLWAW35qfIYO4WRSqCRHiXWbhCdrfRSrQQKXKR:syqOPJ2WZGhWAWEfI53SqOUdtXKR
TLSH F8B2E194285A1C20A075E7413B3A540F432AB9730FE0F6E5C215B76D7CE03A65B63739
Reporter abuse_ch
Tags:GuLoader zip


Avatar
abuse_ch
Malspam distributing GuLoader:

HELO: fnadk-36.srv.cat
Sending IP: 46.16.62.46
From: Administracion <info@fedizseguros.com>
Reply-To: info@fedizseguros.com
Subject: Factura
Attachment: IV-200547.zip (contains "IV-200547.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
74
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.Siggen9.45861.31620.11029.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
Win32.Trojan.Injector
Create hunting rule
Status:
Malicious
First seen:
2020-05-13 04:15:41 UTC
AV detection:
22 of 48 (45.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ib3yfpcaxrv5n57vlyxemiwzrlyrbv6aeuyuwb2s3t32rkund32q._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

zip 407782bc40bc6bd6f7f55e2e4622d98af110d7c025314b0752dcf7a8aa8d1ef5

(this sample)

GuLoader

Executable exe 9570f894ec4059802c7b154a4b4dba22a57229a780b375c74a8a3107d9125bb4

  
Dropping
MD5 057e4148d200ab59a4e12b57989931a6
  
Dropping
GuLoader
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 9570f894ec4059802c7b154a4b4dba22a57229a780b375c74a8a3107d9125bb4

Comments