MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e5cb1d4b2c909193f6c268562ca98dbed658e721f4f0f567cd0180377bb98dd0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GuLoader


Vendor detections: 2



SHA256 hash: e5cb1d4b2c909193f6c268562ca98dbed658e721f4f0f567cd0180377bb98dd0
SHA3-384 hash: 264356b8000a3e972c5af48d08b5bde472865ac389763df0d258b56edb39e904c0fe5966b66b7e2411db6ab5cc8b0a8c
SHA1 hash: 853902e572393a3eaf135126d717fb074f71d2e1
MD5 hash: af72b3e85623ca7ad0e7e97884e630fc
humanhash: single-romeo-thirteen-two
File name: =?UTF-8?Q?Le_colis_est_arriv=C3=A9.rar?=
Signature: GuLoader
File size: 91'648 bytes
First seen: 2020-05-05 14:37:08 UTC
Last seen: 2020-05-11 20:58:51 UTC
File type: tar
MIME type: application/x-tar
ssdeep: 768:F9mtWbS/O08JLygTEPDeHl5m2IY8s85DOd3FnDcC9mPEIn3Mq5JHdKPJ6I6FQ:bmMO/O0k07ul5m218BC6sIn3MqhKP04
TLSH: 6A93F7156DF0EC26D210B9B1EB6AF6DED356BC3018328D0B10C53A9D5F36A469C3626F
Reporter: cocaman
Tags: COVID-19 rar?=


cocaman
Malicious email
From: Roz Adinda <roz.adinda@yahoo.com>
Received: from sonic313-46.consmr.mail.sg3.yahoo.com (sonic313-46.consmr.mail.sg3.yahoo.com [106.10.240.105])
Date: Tue, 5 May 2020 13:53:45 +0000 (UTC)
Subject: =?UTF-8?Q?Votre_colis_est_arriv=C3=A9_(Ref_7456339447)?=
Attachment: =?UTF-8?Q?Le_colis_est_arriv=C3=A9.rar?=

Intelligence


File Origin
# of uploads: 3
# of downloads: 95
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Injector
Status: Malicious
First seen: 2020-05-05 15:35:28 UTC
File Type: Binary (Archive)
Extracted files: 7
AV detection: 18 of 48 (37.50%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

GuLoader

tar e5cb1d4b2c909193f6c268562ca98dbed658e721f4f0f567cd0180377bb98dd0 (this sample)

Delivery method: Distributed via e-mail attachment

Comments