MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8bc645284922eeeaceef0486bc77ebfd966cba91fd0049e3d1a3d6312a952f36. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GuLoader


Vendor detections: 2



SHA256 hash: 8bc645284922eeeaceef0486bc77ebfd966cba91fd0049e3d1a3d6312a952f36
SHA3-384 hash: aaf2bfeb464950ef509650c515389b118256d0ca6dccb4108640acefe606a0473d57f5653f6ecef9aa327f992abda328
SHA1 hash: 56d5a3a51bc23e2a71dbcafa3f261d5a0036f1a9
MD5 hash: 4f0e78b25f71f8fdeb43215ac29858cb
humanhash: freddie-low-massachusetts-diet
File name: DHL BILL OF LADING 62803217763.ace
Signature: GuLoader
File size: 17'682 bytes
First seen: 2020-05-15 04:45:31 UTC
Last seen: 2020-05-15 04:46:02 UTC
File type: ace
MIME type: application/octet-stream
ssdeep: 384:U9hRBh0Vz/OWy3ByeFv1aIQVzIZiutz2Mhb7ntFD9yNiNlYp:svqzWd3XFAfzut6gb1GiNlQ
TLSH: D782D009AB6A2DCB27717FE9F0420452979EB08D6D6CCE0125DAF27FAB29214C035F06
Reporter: cocaman
Tags: ace


cocaman
Malicious email
From: "DHL SERVICES" <dhlsupport@deliveryservice.com>
Received: from mail0.106.gizmodo.casa (mail0.106.gizmodo.casa [167.172.35.158])
Date: Thu, 14 May 2020 19:15:37 -0700
Subject: DHL AIR WAY BILL OF LADING DOCUMENTS FINAL DELIVERY NOTICE
Attachment: DHL BILL OF LADING 62803217763.ace

Intelligence


File Origin
# of uploads: 2
# of downloads: 78
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Injector
Status: Malicious
First seen: 2020-05-15 05:35:40 UTC
File Type: Binary (Archive)
Extracted files: 7
AV detection: 16 of 31 (51.61%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

ace 8bc645284922eeeaceef0486bc77ebfd966cba91fd0049e3d1a3d6312a952f36

(this sample)

  
Delivery method: Distributed via e-mail attachment
