General
-
Target
185061d5920ed23ff9a02cb026c6a718cb3f2ebef871cb1b8587da9a64ad0c7d
-
Size
4.0MB
-
Sample
221125-l7w14ahg49
-
MD5
fc6fdbedd8aaded78aa85f64f24c143d
-
SHA1
c80761746b152afdf4a0252a5e8ed1c662170a39
-
SHA256
185061d5920ed23ff9a02cb026c6a718cb3f2ebef871cb1b8587da9a64ad0c7d
-
SHA512
1b3bdc1523bcfcee1751d48fdc9205239bfce1ed29cb28bdc2984f72f885ccf781b561494349821992b5c737a04c3f2d44697b818ccd8a5aeae26e489a94f013
-
SSDEEP
98304:ZP944/0pK8V0OWeCVU+cMijaYBJ7f47gG6yTkg:ZP930pfVQnoGYBBw2ikg
Malware Config
Targets
-
-
Target
185061d5920ed23ff9a02cb026c6a718cb3f2ebef871cb1b8587da9a64ad0c7d
-
Size
4.0MB
-
MD5
fc6fdbedd8aaded78aa85f64f24c143d
-
SHA1
c80761746b152afdf4a0252a5e8ed1c662170a39
-
SHA256
185061d5920ed23ff9a02cb026c6a718cb3f2ebef871cb1b8587da9a64ad0c7d
-
SHA512
1b3bdc1523bcfcee1751d48fdc9205239bfce1ed29cb28bdc2984f72f885ccf781b561494349821992b5c737a04c3f2d44697b818ccd8a5aeae26e489a94f013
-
SSDEEP
98304:ZP944/0pK8V0OWeCVU+cMijaYBJ7f47gG6yTkg:ZP930pfVQnoGYBBw2ikg
Score10/10-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Windows security bypass
-
Executes dropped EXE
-
Modifies Windows Firewall
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-