ioc[.]one - OSINT Cyber Threat Intelligence Database

The evolution of GuLoader

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Cloud Services - T1021.007 Hardware - T1592.001 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	77c05b67-9e90-4e55-b996-dd28143ff01d
Fingerprint	605c49a2c1fc28c1
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 12, 2022, midnight
Added to db	Jan. 16, 2023, 3:54 p.m.
Last updated	Nov. 15, 2024, 12:36 p.m.
Headline	The evolution of GuLoader
Title	The evolution of GuLoader
Detected Hints/Tags/Attributes	37/2/12

Source URLs

	Redirection	Url
Details	Source	https://www.vmray.com/cyber-security-blog/malware-analysis-spotlight-guloader/

URL Provider

Details	Provider	Source level domain
Details	vmray.com	www.vmray.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	194		drive.google.com
Details	Domain	9		alphastand.trade
Details	Domain	7		alphastand.top
Details	Domain	9		alphastand.win
Details	Domain	12		kbfvzoboss.bid
Details	File	57		system.dll
Details	File	82		fre.php
Details	File	20		p.php
Details	sha256	1		e7ee8ff4872d57b2fba736ee6556e3f92a3fc1c3c8738c50cc8b1e6acbb4379f
Details	IPv4	12		198.187.30.47
Details	Url	1		https://drive.google.com/uc?export=download&id=1srbfkj9_bx7q9qhzb5jely5tlbrjwwjf
Details	Url	1		http://198.187.30.47/p.php?id=67243588715181780