
Cybercrime: fake order from Poland delivers unknown malware via Guloader

Technical analysis by the Malware Hunter JAMESWT

A fake order from Poland delivers unknown malware via Guloader. The email's RAR attachment contains an exe: the loader, which contacts a URL and downloads the final payload. The payload itself, however, is unknown.

A fake order from Poland is the latest bait in a malware campaign via Guloader.

The RAR attachment contains an exe file: the loader itself, which contacts another URL and downloads the final payload. It is not clear at the moment what that payload is. Guloader has been used by cybercriminals to carry different types of information stealers such as AgentTesla / Origin Logger, FormBook, NanoCore RAT, Netwire RAT, Remcos RAT, Ave Maria / Warzone RAT and Parallax RAT.
