General

  • Target

    85abece17095e380091f4a5334c3e2aac4cbd8f3f898c2ac5ba0597cbbdb15bb

  • Size

    4.1MB

  • Sample

    221101-mv66zabac9

  • MD5

    1b70e53cbee23baffaacbb6f5edc0694

  • SHA1

    973021d4e92bf19f00a0ab4ab81c90aa788399ff

  • SHA256

    85abece17095e380091f4a5334c3e2aac4cbd8f3f898c2ac5ba0597cbbdb15bb

  • SHA512

    ba415f8f97e162da63d22e9160aa047cc444141839bfebe5c5bf1f6b01a1072ee56175672b889f523769cebd1f06620724abde058e1b5c2b62d2dee040f1bd99

  • SSDEEP

    98304:jnZUu9JR+exWlvjupUXbpzH+2QzbzkpxHzQQkveEUmnhGst8:bFJRVxOXZe2QDk/WeEUqGst8

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Windows security bypass

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
