MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f916b2daa9c47caa84bdab905de961a60ebb0f4fbcb3b3311eb429b7dcbaed8a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: f916b2daa9c47caa84bdab905de961a60ebb0f4fbcb3b3311eb429b7dcbaed8a
SHA1 hash: 1dfbddf5bd11c4233d652cc36ccc7dbc512fce07
MD5 hash: ae772d1b310b57b46e09b88dade53166
File name: ae772d1b310b57b46e09b88dade53166.exe
Signature: GuLoader
File size: 102'400 bytes
First seen: 2020-05-23 11:49:34 UTC
Last seen: 2020-05-23 13:13:13 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 9dd4bcbfb40fc2e285a1f6c3c53d11cf
ssdeep: 1536:ntayBrI7d743jZRWrBZT66naTu1oxieT:ntdrIh78dRs067+
TLSH: 9BA33971F5E0ED53CA1842BD6D748BA81A4BBC788991C70FB4C9372C59F3980E666363
Reporter: @abuse_ch
Tags: exe GuLoader


Twitter
@abuse_ch
GuLoader payload URL:
https://drive.google.com/uc?export=download&id=1NK04HFUL5gbmrMCds7cdKWIq2Dzuw5Yx

Intelligence


Mail intelligence: No data
# of uploads: 2
# of downloads: 22
Origin country: US
ClamAV: SecuriteInfo.com.Variant.Jaik.40145.25897.26665.UNOFFICIAL
VirusTotal: Virustotal results 40.28%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments