ID | Votes | Profile Description |
---|---|---|
Cloudeye | 1 | Cloudeye, also known as GuLoader, is a sophisticated malware that has been active for over three years and continues to evolve. First spotted in late 2019, it is an advanced shellcode-based malware downloader used to distribute a range of payloads, such as information stealers, while incorporating n |
Amadey | 1 | Amadey is a malicious software (malware) that has been found to be used in conjunction with other malware such as Remcos, GuLoader, and Formbook. Analysis of the infection chains revealed that the individual behind the sales of Remcos and GuLoader also uses Amadey and Formbook, using GuLoader as a p |

ID | Type | Votes | Profile Description |
---|---|---|---|
Lumma Stealer | Unspecified | 1 | Lumma Stealer is a malicious software (malware) that infiltrates systems primarily to steal personal information, disrupt operations, and exploit vulnerabilities. According to the ESET Threat Report H2 2023, Lumma Stealer gained significant traction in the second half of 2023, with its capabilities |
GuLoader | Unspecified | 1 | GuLoader is a type of malware that infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, it can steal personal information, disrupt operations, or even hold data hostage for ransom. GuLoader is encrypted with NSIS Crypter and has |
Formbook | Unspecified | 1 | Formbook is a type of malware known for its ability to steal personal information, disrupt operations, and potentially hold data for ransom. The malware is commonly spread through suspicious downloads, emails, or websites, often without the user's knowledge. In June 2023, Formbook was observed being |
Lumma | Unspecified | 1 | Lumma is a prominent malware, particularly known as an information stealer. It is delivered through various means, including suspicious downloads, emails, and websites. In one instance observed by Palo Alto Networks’ Unit 42, Lumma was sent over Latrodectus C2 in an infection chain. In another campa |
Theprotect | Unspecified | 1 | TheProtect is a new brand of malware, previously known as GuLoader. It is being openly sold on the websites BreakingSecurity and VgoStore, both administered by an individual operating under the alias EMINэM. TheProtect is also advertised in these platforms' respective Telegram groups. Our analysis h |

Source | CreatedAt | Title |
---|---|---|
DARKReading | a month ago | Cut & Paste Tactics Import Malware to Unwitting Victims |
Checkpoint | 10 months ago | Unveiling the Shadows: The Dark Alliance between GuLoader and Remcos - Check Point Research |