Technical analysis by the Malware Hunter JAMESWT
The global campaign to distribute Guloader continues. The email text changes, but the system is always the same. The xz attachment contains an exe, the malware itself, which should load other payloads. Today, however, it is unknown which
The global campaign to distribute Guloader continues. The text of the email changes, but the system is always the same. The attachment, compressed in xz format, contains an exe file, the malware itself.
In theory it should download other payloads, but it is currently not possible to determine which ones.
In the past, Guloader has been used by cybercriminals to deliver different types of information stealers such as Agent Tesla / Origin Logger, FormBook, NanoCore RAT, Netwire RAT, Remcos RAT, Ave Maria / Warzone RAT and Parallax RAT.
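A mail-gateway triage check for the delivery pattern described above (an xz attachment wrapping a Windows executable), added here as an example and not taken from the original analysis. The function names, the size cap and the inert sample message are assumptions constructed for illustration.

```python
import lzma
import struct
from email import message_from_bytes
from email.message import EmailMessage

XZ_MAGIC = b"\xfd7zXZ\x00"          # xz stream header magic bytes
MAX_UNPACKED = 64 * 1024 * 1024     # assumed cap on decompressed size

def is_pe(data: bytes) -> bool:
    """True if data has an MZ header whose e_lfanew field points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def unpack_xz(blob: bytes) -> bytes:
    """Decompress at most MAX_UNPACKED bytes so a decompression bomb cannot exhaust memory."""
    dec = lzma.LZMADecompressor(format=lzma.FORMAT_XZ)
    return dec.decompress(blob, max_length=MAX_UNPACKED)

def flag_xz_pe_attachments(raw_message: bytes) -> list:
    """Return the filenames of attachments that are xz streams wrapping a PE file."""
    hits = []
    for part in message_from_bytes(raw_message).walk():
        if part.get_content_disposition() != "attachment":
            continue
        blob = part.get_payload(decode=True) or b""
        if not blob.startswith(XZ_MAGIC):   # trust the content, not the file name
            continue
        try:
            if is_pe(unpack_xz(blob)):
                hits.append(part.get_filename())
        except lzma.LZMAError:
            continue                        # corrupt stream, nothing to inspect
    return hits

def build_sample(payload: bytes, name: str) -> bytes:
    """Constructed test message carrying one xz-compressed attachment."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("see attachment")
    msg.add_attachment(lzma.compress(payload, format=lzma.FORMAT_XZ),
                       maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()

# Constructed, inert PE-shaped stub: MZ header, e_lfanew = 0x40, then the PE signature.
FAKE_PE = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00" + b"\x00" * 16
```

Because the check keys on the xz magic bytes and the unpacked PE header, it still fires when the attachment is renamed to another extension.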