MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c7815bbbe8941bf630f4fd7ba94b5fd2726860f0fb319bf32d2df7c3af3cceb9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GuLoader


Vendor detections: 3



SHA256 hash: c7815bbbe8941bf630f4fd7ba94b5fd2726860f0fb319bf32d2df7c3af3cceb9
SHA3-384 hash: ee1a6fcb5dab601d3b8483e7b93cffd4a4af246b11c81bb9992a8feb3857a7deb7390e33775a9611311c7e09695f1800
SHA1 hash: a9644a3247a3b150964df3e8c7f3ed7e9afba2c5
MD5 hash: 7b58941ff47476d015051418bf812c64
humanhash: earth-crazy-cola-spaghetti
File name: New_Attached_Document_IMG2748891033.img
Signature: GuLoader
File size: 131'072 bytes
First seen: 2020-06-10 11:40:05 UTC
Last seen: Never
File type: img
MIME type: application/x-iso9660-image
ssdeep: 1536:ZR7OJExfZIzbEZtNAQPjueGApmfTmYREG+5LIi3/V:NxftZtjjuimfCP5LIi3/V
TLSH: 73D35C16BAD0AD71C73567F62EB0A25801B7B93605F18603751C3B2E273B84AFA75707
Reporter: abuse_ch
Tags: GuLoader img


abuse_ch
Malspam distributing GuLoader:

From: Jeff Milan <jeff@hsmecorp.com>
Subject: RE: Request for Quotation -OFFER-1084 -Equipment
Attachment: New_Attached_Document_IMG2748891033.img (contains "marranoIMG2748891033.com")

GuLoader payload URL:
http_{vp=f!]L\l#

Intelligence


File Origin
# of uploads: 1
# of downloads: 57
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Vebzenpak
Status: Malicious
First seen: 2020-06-10 11:42:04 UTC
AV detection: 17 of 31 (54.84%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

img c7815bbbe8941bf630f4fd7ba94b5fd2726860f0fb319bf32d2df7c3af3cceb9 (this sample)

Dropping: GuLoader
Delivery method: Distributed via e-mail attachment
