Skip to content
MalwareWiki

Malware

CloudEyE

aka GuLoader · vbdropper

CloudEyE (initially named GuLoader) is a small VB5/6 downloader.

CloudEyE (initially named GuLoader) is a small VB5/6 downloader. It typically downloads RATs/Stealers, such as Agent Tesla, Arkei/Vidar, Formbook, Lokibot, Netwire and Remcos, often but not always from Google Drive. The downloaded payload is xored.

Family metadata imported from Malpedia (Fraunhofer FKIE).