MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a8e4b2993ebac406c7945e801e7da09e94393b8ee4a52114e4b40255a8c2a737. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GuLoader


Vendor detections: 3



SHA256 hash: a8e4b2993ebac406c7945e801e7da09e94393b8ee4a52114e4b40255a8c2a737
SHA3-384 hash: 878500933d619fd07e662f3ffdb57e4bcf93f80a7c5eb9606b02f5eb77886e036157e493b4640f8b5a63b3039c20b91c
SHA1 hash: 473a4048017fb3b7f5a3260d8fc06688230309ef
MD5 hash: dc2c21650524c890e37d17ff2c536d75
humanhash: carolina-spaghetti-juliet-yellow
File name: attachments.zip
Signature: GuLoader
File size: 66'772 bytes
First seen: 2020-05-19 04:47:40 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 1536:Rxw3jH3cXrI0K/7qNgpwSQSeX585NMfRx11:Y3jH3cbI0cqSpaNwKJ
TLSH: 576312879A02F5D3B4A4D6EB1627C14CE67F08FE66FE0B24866744D1946E1CC9227D3C
Reporter: cocaman
Tags: GuLoader zip


cocaman
Malicious email
From: Jeffrey Yasmin <purchasemanager@chori.com.my>
Received: from chori.com.my (unknown [193.142.58.25])
Date: 18 May 2020 16:43:07 -0700
Subject: RE: Proforma Invoice
Attachment: attachments.zip

Intelligence


File Origin
# of uploads: 1
# of downloads: 82
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Injector
Status: Malicious
First seen: 2020-05-19 09:16:17 UTC
File Type: Binary (Archive)
Extracted files: 7
AV detection: 17 of 31 (54.84%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

zip a8e4b2993ebac406c7945e801e7da09e94393b8ee4a52114e4b40255a8c2a737 (this sample)

Delivery method: Distributed via e-mail attachment
