MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 86bc0e7ee3391cffb1f3588a61a18052331c4565c938d228b518e8543eb1aa1e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GuLoader


Vendor detections: 3



SHA256 hash: 86bc0e7ee3391cffb1f3588a61a18052331c4565c938d228b518e8543eb1aa1e
SHA3-384 hash: 47b8cd53a9042494740d72ceec1342de44488045e9ba57b1281844d1e597a020fe5632eb885436a2e7376d93867b0a50
SHA1 hash: d3d419472564bbbab0a62ade8587f15d6bd5ef2c
MD5 hash: 7ff8cbe1bfdb0e416247ea98efacf506
humanhash: kitten-mango-alpha-colorado
File name: BRIDGE BEARINGS -JUBAIL PROJECT.cab
Signature: GuLoader
File size: 36'502 bytes
First seen: 2020-06-01 13:37:49 UTC
Last seen: Never
File type: cab
MIME type: application/vnd.ms-cab-compressed
ssdeep: 768:UeorQjgiMBT69Pi+Ha+SWk5SZOj7AnUhWjvVa9izoXXbb:ToLzGiF+7Oj8ZoHP
TLSH: B3F2F1588DA56805E23DC0348F183D4A2D164D665D0D8FB2F5390E17F7BB7A9533EE48
Reporter: abuse_ch
Tags: cab GuLoader


abuse_ch
Malspam distributing GuLoader:

From: ABD ELHAMEED <info38313@cuinsa.com>,
Subject: PT - 951 ; BRIDGE BEARINGS -JUBAIL PROJECT
Attachment: BRIDGE BEARINGS -JUBAIL PROJECT.cab (contains "BRIDGE BEARINGS -JUBAIL PROJECT.exe")

GuLoader payload URL:
https://drive.google.com/uc?export=download&id=1sfWp8qt8IqRnCBA0VlZaFqGcDw3hfOiH

Intelligence


File Origin
# of uploads: 1
# of downloads: 62
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Wacatac
Status: Malicious
First seen: 2020-06-01 14:36:06 UTC
AV detection: 29 of 48 (60.42%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

cab 86bc0e7ee3391cffb1f3588a61a18052331c4565c938d228b518e8543eb1aa1e (this sample)

Dropping: GuLoader
Delivery method: Distributed via e-mail attachment
