General

  • Target

    2015dd4de3abbf6d901083c0a73fb6531c82c0eb21651ac7d33ca1cea4785b33

  • Size

    4.2MB

  • Sample

    220917-d6p76ahah5

  • MD5

    0e536912cc7b34686a40a0e57294ba18

  • SHA1

    72d2205eefcbb60a02d7f0c069f6dfaf8107a60d

  • SHA256

    2015dd4de3abbf6d901083c0a73fb6531c82c0eb21651ac7d33ca1cea4785b33

  • SHA512

    147ef3ddfc3152f119ea47afd417a866399656cb778307f1362281c8601b3af7a3ecc4836a89ba7565b6c0497265868eb4b1039bfa20c2bdc58a5a50a2edd8f7

  • SSDEEP

    98304:V3eAq8wc/O1Uxvfpy8Ek7Vs/MgpVv7GLdXx16OoTi:ojg/FRfpyK7VtDXOm

Malware Config

Targets

    • Target

      2015dd4de3abbf6d901083c0a73fb6531c82c0eb21651ac7d33ca1cea4785b33

    • Size

      4.2MB

    • MD5

      0e536912cc7b34686a40a0e57294ba18

    • SHA1

      72d2205eefcbb60a02d7f0c069f6dfaf8107a60d

    • SHA256

      2015dd4de3abbf6d901083c0a73fb6531c82c0eb21651ac7d33ca1cea4785b33

    • SHA512

      147ef3ddfc3152f119ea47afd417a866399656cb778307f1362281c8601b3af7a3ecc4836a89ba7565b6c0497265868eb4b1039bfa20c2bdc58a5a50a2edd8f7

    • SSDEEP

      98304:V3eAq8wc/O1Uxvfpy8Ek7Vs/MgpVv7GLdXx16OoTi:ojg/FRfpyK7VtDXOm

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Windows security bypass

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks