MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6528c7c514e9309db9ae4cc57daadef585d47fd338e0084d1f297cab2b95b633. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 6528c7c514e9309db9ae4cc57daadef585d47fd338e0084d1f297cab2b95b633
SHA3-384 hash: f3ea7e0505ce9e9cf371b529dd6cc1123f8b13db14bf87c4bec86a5808ebe1ff069b38b8f9026b748fac2c54c8494f48
SHA1 hash: 9564ecf7b2bf4aae142f90135fce9f6b06b19a85
MD5 hash: 6aa88e7fb4926a20ebed56da13ab1f53
humanhash: carbon-illinois-hydrogen-ten
File name: shipping docusments.bat
Signature: GuLoader
File size: 94'208 bytes
First seen: 2020-05-22 14:34:02 UTC
Last seen: 2020-05-22 15:48:46 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: e962f8212a952da5e058314d60017983
ssdeep: 768:BwvgMB9Qt8NOP6fXNws/McMcGw8kuFect11lkDWtJZAMB1L8z3DjQ:Wfst8Ntus/McMcGvkuFeWaMfUHQ
TLSH: 46930831B558DC62CD280FF19A76CAE41126FD713CC04A4B79DA7B2E2A3254D98727C7
Reporter: @jarumlus
Tags: GuLoader

Intelligence


File Origin
# of uploads: 2
# of downloads: 32
Origin country: US
Mail intelligence
Geo location: CH Switzerland
Volume: Low
Geo location: Global
Volume: Low
Vendor Threat Intelligence
Threat name: Win32.Trojan.Injector
Status: Malicious
First seen: 2020-05-22 14:35:55 UTC
AV detection: 25 of 31 (80.65%)
Threat level: 5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

Executable exe 6528c7c514e9309db9ae4cc57daadef585d47fd338e0084d1f297cab2b95b633 (this sample)

Delivery method: Distributed via e-mail attachment
