General
-
Target
afce686bc941affbe797b07e3da532f4860f137682434a2059c0208da2e8a8f9
-
Size
4.1MB
-
Sample
230128-z8qglagf54
-
MD5
726b5355e0480af67f10df89698efccc
-
SHA1
c110d6062d753738bcdd5ce8d748e7c77cf93428
-
SHA256
afce686bc941affbe797b07e3da532f4860f137682434a2059c0208da2e8a8f9
-
SHA512
fb46957b57119d8e3edf4462534b5d4cfaee7b97863c94c4289d9e8e363c9adf9fe7b21ff578bd937018fd668a7b320367dbc0e92cbf89640db6515e02913564
-
SSDEEP
98304:LnA6Nzgkpu1YiCPL2q+9zfEuZBbp7RQjRY3d1bt1dYG4Xy1wD:LNNzC1YiCJ+xZxQjCYJ
Malware Config
Targets
-
-
Target
afce686bc941affbe797b07e3da532f4860f137682434a2059c0208da2e8a8f9
-
Size
4.1MB
-
MD5
726b5355e0480af67f10df89698efccc
-
SHA1
c110d6062d753738bcdd5ce8d748e7c77cf93428
-
SHA256
afce686bc941affbe797b07e3da532f4860f137682434a2059c0208da2e8a8f9
-
SHA512
fb46957b57119d8e3edf4462534b5d4cfaee7b97863c94c4289d9e8e363c9adf9fe7b21ff578bd937018fd668a7b320367dbc0e92cbf89640db6515e02913564
-
SSDEEP
98304:LnA6Nzgkpu1YiCPL2q+9zfEuZBbp7RQjRY3d1bt1dYG4Xy1wD:LNNzC1YiCJ+xZxQjCYJ
Score10/10-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Windows security bypass
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Windows security modification
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-