General
-
Target
dfa6d71a3b00270be37d436b28b073e94137916da15fd890ccd677bf994159e1
-
Size
4.0MB
-
Sample
221130-2m7vvsfa8t
-
MD5
84d18b1619129e48c2788cda9019f051
-
SHA1
e0919695d7823e3fff1088df6472ae39506ec682
-
SHA256
dfa6d71a3b00270be37d436b28b073e94137916da15fd890ccd677bf994159e1
-
SHA512
5ce61c06f27b846374a3be28ec6be95fbd59132660103654d5cc64840e21e85134d94e5995437981d65a0335f6fae247f8713e06a6511b713dc16f81115eda85
-
SSDEEP
98304:s+KQV8p0ww2h2lE1N9xrmeDfhN3a0IXDfB2OEG4GX3O8XwFKGacx:j8p0ww2hYk9xrmebhN3a0ITZYWW3aA
Malware Config
Targets
-
-
Target
dfa6d71a3b00270be37d436b28b073e94137916da15fd890ccd677bf994159e1
-
Size
4.0MB
-
MD5
84d18b1619129e48c2788cda9019f051
-
SHA1
e0919695d7823e3fff1088df6472ae39506ec682
-
SHA256
dfa6d71a3b00270be37d436b28b073e94137916da15fd890ccd677bf994159e1
-
SHA512
5ce61c06f27b846374a3be28ec6be95fbd59132660103654d5cc64840e21e85134d94e5995437981d65a0335f6fae247f8713e06a6511b713dc16f81115eda85
-
SSDEEP
98304:s+KQV8p0ww2h2lE1N9xrmeDfhN3a0IXDfB2OEG4GX3O8XwFKGacx:j8p0ww2hYk9xrmebhN3a0ITZYWW3aA
Score10/10-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Windows security bypass
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-