MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fc6e4e6dae2a913cbaf3d495ab6508f01660f1cd6a1b20a84105776c8f65a090. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 4 Yara Comments

SHA256 hash: fc6e4e6dae2a913cbaf3d495ab6508f01660f1cd6a1b20a84105776c8f65a090
SHA1 hash: 213c4bfbfc471c774bff3aa73f1d5f990edad31a
MD5 hash: a9c2cb85163a1bb3d7129d678efcf989
File name:facturas.PDF.exe
Download: download sample
Signature GuLoader
File size:90'112 bytes
First seen:2020-05-22 09:56:11 UTC
Last seen:2020-05-22 10:51:51 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 0e92406c3971179f76b29d7e2087702c
ssdeep 768:pEp4abrBBlJT8x8XF3XmBL8OQqyyUWdqzfnSlGjlQ/ESfuPoyJuPjpUswPv5ajqs:a15TGmCyy8XQuPohLpUzHTizlIIV
TLSH 35935B18F948DCA9E8084DB1C9E446AA14BFFC327DA44B1F38C97E7C39739812D66346
Reporter @abuse_ch
Tags:exe GuLoader

Malspam distributing GuLoader:

Sending IP:
From: Cristina Garfagnoli <>
Subject: verifique las facturas
Attachment: facturas.PDF.ace (contains "facturas.PDF.exe")

GuLoader payload URL:


Mail intelligence
Trap location Impact
Global Low
# of uploads 2
# of downloads 26
Origin country FR FR
VirusTotal:Virustotal results 33.33%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



Executable exe fc6e4e6dae2a913cbaf3d495ab6508f01660f1cd6a1b20a84105776c8f65a090

(this sample)

Delivery method
Distributed via e-mail attachment