General
-
Target
aef0f8e2c992b684801594be4ccbab78bb11c5e90524ecdedb46f2720db1f590
-
Size
4.1MB
-
Sample
230129-kfdj1ahb9y
-
MD5
750bb8485aa527c8a27ca7469e9fd166
-
SHA1
28bff604d8bccf4ba055d506742ee07960698443
-
SHA256
aef0f8e2c992b684801594be4ccbab78bb11c5e90524ecdedb46f2720db1f590
-
SHA512
9ed6aa676e992f826a76fbfc9a12b3efcd0a0416bd5564c829376d0fde39ee6e54f9164d1e5668324426a6194e195cd694c6b9241f138901b26909777dab007d
-
SSDEEP
98304:k5yI0SOgapeVXm3qHpKY0heUlhvM2rnyIPCcNWYl06mRSA:kP0ngHXPHpD0U6nBPsh
Malware Config
Targets
-
-
Target
aef0f8e2c992b684801594be4ccbab78bb11c5e90524ecdedb46f2720db1f590
-
Size
4.1MB
-
MD5
750bb8485aa527c8a27ca7469e9fd166
-
SHA1
28bff604d8bccf4ba055d506742ee07960698443
-
SHA256
aef0f8e2c992b684801594be4ccbab78bb11c5e90524ecdedb46f2720db1f590
-
SHA512
9ed6aa676e992f826a76fbfc9a12b3efcd0a0416bd5564c829376d0fde39ee6e54f9164d1e5668324426a6194e195cd694c6b9241f138901b26909777dab007d
-
SSDEEP
98304:k5yI0SOgapeVXm3qHpKY0heUlhvM2rnyIPCcNWYl06mRSA:kP0ngHXPHpD0U6nBPsh
Score10/10-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-