Alias Description | Votes |
---|---|
Cloudeye is a possible alias for GuLoader. Cloudeye, also known as GuLoader, is a sophisticated malware that has been active for over three years and continues to evolve. First spotted in late 2019, it is an advanced shellcode-based malware downloader used to distribute a range of payloads, such as information stealers, while incorporating n | 4 |
Formbook is a possible alias for GuLoader. Formbook is a type of malware, malicious software designed to exploit and damage computer systems. It infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Formbook has been linked with other forms o | 4 |
Amadey is a possible alias for GuLoader. Amadey is a form of malware, a malicious software designed to exploit and damage computer systems. This particular malware is distributed via the Amadey loader, which can be disseminated through phishing emails or downloads from compromised sites. It has been observed that the individual behind the | 2 |
The Protector is a possible alias for GuLoader. "The Protector" is a malware identified as the Visual Basic Script (VBS) version of GuLoader. This malicious software, designed to exploit and damage computer systems, infiltrates through suspicious downloads, emails, or websites without the user's knowledge. Once inside, it can steal personal infor | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Guloader Shellcode Malware is associated with GuLoader. GuLoader shellcode is a type of malware that utilizes various techniques to infiltrate systems, disrupt operations, and potentially steal personal information. The malicious software has been observed in encrypted forms such as the GuLoader VBScript and NSIS, both identified with unique MD5 hashes. | Unspecified | 4 |
The Agent Tesla Malware is associated with GuLoader. Agent Tesla is a well-known malware that primarily targets systems through phishing attacks, exploiting an outdated Microsoft Office vulnerability (CVE-2017-11882). This malicious software is designed to infiltrate computer systems, often without the user's knowledge, and can steal personal informat | Unspecified | 2 |
The NETWIRE Malware is associated with GuLoader. NetWire is a type of malware, specifically a remote access trojan (RAT), that has been utilized for various malicious activities since at least 2014. Initially promoted as a legitimate tool for managing Windows computers remotely, NetWire was quickly adopted by cybercriminals and used in phishing at | Unspecified | 2 |
The Emotet Malware is associated with GuLoader. Emotet is a notorious malware, short for malicious software, that is designed to exploit and damage computers or devices. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user, with the potential to steal personal information, disrupt operations, | Unspecified | 2 |
The Guloader Vbscript Malware is associated with GuLoader. GuLoader VBScript is a sophisticated form of malware designed to infiltrate and exploit computer systems. This malicious software can access systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal information, | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Darkme Threat Actor is associated with GuLoader. DarkMe is a threat actor group, also known as DarkCasino or Water Hydra, that has been actively executing large-scale cyberattacks since 2022. The group primarily uses a Visual Basic spy Trojan, also named DarkMe, in its operations. This Trojan was developed by the group in 2021 and has been continu | Unspecified | 3 |
Alias Description | Association Type | Votes |
---|---|---|
The CVE-2017-11882 Vulnerability is associated with GuLoader. CVE-2017-11882 is a significant software vulnerability, specifically a flaw in the design or implementation of Microsoft's Equation Editor. This vulnerability has been exploited by various threat actors to create malicious RTF files, most notably by Chinese state-sponsored groups using the "Royal Ro | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Recorded Future | 2 months ago | ||
Unit42 | 10 months ago | ||
SANS ISC | 5 months ago | ||
Flashpoint | 6 months ago | ||
DARKReading | 7 months ago | ||
Securityaffairs | 7 months ago | ||
Fortinet | 7 months ago | ||
CERT-EU | 8 months ago | ||
CERT-EU | 8 months ago | ||
Checkpoint | 9 months ago | ||
CERT-EU | 10 months ago | ||
CERT-EU | a year ago | ||
BankInfoSecurity | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
Checkpoint | a year ago | ||
Checkpoint | a year ago | ||
DARKReading | a year ago |