General
-
Target
d08cb58398f9084596b17e7a96338ec8b921b2cc748107c22ccc8ea38572fb43
-
Size
6.6MB
-
Sample
220731-hntj3secgl
-
MD5
647df9da3457d9c1b936502d4df8c3c4
-
SHA1
8680cb73bacce533df5afeb5f62fd63f75094bd1
-
SHA256
d08cb58398f9084596b17e7a96338ec8b921b2cc748107c22ccc8ea38572fb43
-
SHA512
6dbb3c179ed2c087788e1a25a2b48e9bc5dcd47d34b8e6768f4ee49acf66c55b9724d79e4d5a801fd84ff9e43e9c733f38dfa436ec320bf836e432bda4b2d455
Malware Config
Targets
-
-
Target
d08cb58398f9084596b17e7a96338ec8b921b2cc748107c22ccc8ea38572fb43
-
Size
6.6MB
-
MD5
647df9da3457d9c1b936502d4df8c3c4
-
SHA1
8680cb73bacce533df5afeb5f62fd63f75094bd1
-
SHA256
d08cb58398f9084596b17e7a96338ec8b921b2cc748107c22ccc8ea38572fb43
-
SHA512
6dbb3c179ed2c087788e1a25a2b48e9bc5dcd47d34b8e6768f4ee49acf66c55b9724d79e4d5a801fd84ff9e43e9c733f38dfa436ec320bf836e432bda4b2d455
Score10/10-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Glupteba payload
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies Windows Firewall
-