Cloud-Based Malware Delivery: The Evolution of GuLoader

Key takeaways

• GuLoader is a prominent shellcode-based downloader that has been used in a large number of attacks to deliver a wide range of the “most wanted” malware.


• GuLoader has been active for more than three years and is still undergoing further development. The latest version integrates new anti-analysis techniques, which results in it being significantly challenging to analyze. New GuLoader samples receive zero detections on VirusTotal, ensuring its malicious payloads also remain undetected.


• GuLoader’s payload is fully encrypted, including …

analysis anti-analysis attacks cloud cloud-based delivery development guloader key large latest malware malware analysis results shellcode takeaways techniques version