Explore tweets tagged as #Guloader
Acronis TRU analyses Makop ransomware’s updated toolkit, with new components including local privilege escalation exploits and GuLoader for secondary payloads. 55% of observed cases hit Indian organisations, with further victims in Brazil & Germany. https://t.co/xjx2C3viyW
Top 10 last week's threats by uploads 🌐 ⬆️ #Xworm 870 (854) ⬆️ #Asyncrat 415 (398) ⬆️ #Quasar 395 (329) ⬇️ #Vidar 318 (327) ⬇️ #Lumma 286 (322) ⬆️ #Remcos 273 (212) ⬇️ #Stealc 266 (296) ⬇️ #Gravityrat 241 (302) ⬆️ #Guloader 179 (172) ⬆️ #Smokeloader 155 (144) Explore malware in
Looks like a #Guloader variant from Hungary 'Rendeles TECHNOFLEX Hungary Kft. 3474_NGYR_20251020_AUDIEA888EVO5.bat' https://t.co/AV2Rub3YuS Domain: vakuumklima(.)hu IP: 185.111.89(.)190
In Hungary somebody picked a simple #guloader in a 7ZIP archive and put it in a TXT with base64. 🤷🏻♂️ 'doc0012020020250212.exe' seen from Poland and Hungary @abuse_ch
https://t.co/BYQn7R7dEE IP: 178.218.164(.)110:443 (Croatia) @_operations6_
We are warning about malicious code being spread in the name of FURS🚩 The message urges the recipient to run a malicious attachment under the pretext of viewing a tax document. The ZIP archive attachment carries a malicious VBS file that launches the Guloader downloader, which loads the Remcos RAT remote access tool
"Re: Nuovo ordine" #GuLoader > #RemcosRat C2 ⛔️agulo22[.]ydns[.]eu:56687 Samples👇 https://t.co/dt2uy7AhZi
#TZULO: Fav. Host of #UNC6040🇺🇸 📌LLM Hijacking 📌Fortigate VPN Bruteforce 📌ZynorRAT, AsyncRAT, RemcosRAT, AgentTesla, GuLoader, QakBot, RecordBreaker 📌#SAFEPAY #Ransomware 68.235.46[.]80 https://t.co/3AoarCMopw
#Salesloft #Salesforce #CyberSecurity #InfoSec #OSINT #Darkweb
🔥🔥Wtf ... The latest #Guloader shellcode has added a new exception: EXCEPTION_PRIV_INSTRUCTION.
🔥An ✉️ sample spreads #GuLoader was submitted to VT from VN 🇻🇳!! 📨hash:3a2671536bcd0ed7c0830907e32b2727 ☠️#guloader hash:cae0a2b2c56b394afa087d84a85e1f6b 👹IOCs: http://172[.]245.208.4/3456/wlanext.exe
Here are some initial TTPs from a #GuLoader infection I observed: 1⃣Downloads .bin encrypted payload(2nd stage) from google drive 👀 🚨hxxps[://]drive[.]google[.]com/uc?export=download&id=165dR-jkeWwH1QAK3MesE3SkyuL9notjN 2⃣Attempts to move the malware under C:\Program Files
Updates to vx-underground Samples: - AcidRain - AgentTesla - Android.SoumniBot - AveMaria - GuLoader - LummaStealer - NjRat - PikaBot - QakBot - Rawdoor - Remcos - SystemBC - Upstyle - Vultur - zLoader Papers: - 2024-06-06 - Remcos RAT Analysis - 2024-06-06 - Agent Tesla
#guloader #jarm for c2's found by the looks of it The following sample showed network traffic going https://t.co/vdv74JTBI8 with #guloader in memory pattern. and the ip traffic going to 204.10.160.132:2404 The following query reveals 196 potential c2's https://t.co/HCndK3ivqN
Updates: Families: - AgentTesla - AsyncRAT - CryptBot - DarkComet - DCRat - FormBook - GuLoader - Latrodectus - LummaStealer - Mirai - OxyPumper - RedLine - Remcos - RevengeRAT - SnakeKeylogger - STRRAT - TrickBot - XMRig - XWorm - ZharkRAT Papers: - 2012-10-02 - Blackhole
'E-awb_TRK9166802880_shipping_documents_invoice_11_26_2025_0000000.vbs' #GuLoader seen from Hungary @abuse_ch
https://t.co/pztsxC0BNL Next stage is #xworm. Source URL: hxxps://taiwantrades(.)com(.)br/Brammer.prm C2: businesstradings(.)duckdns(.)org:3033 @skocherhan