General
-
Target
c004bc60588b380062ffab5756c1b44b309d9d52821d4beda334958146219ea0
-
Size
4.1MB
-
Sample
230129-p18yvsff45
-
MD5
0f94ad391fdd0be0fa7ca02e6997cbfa
-
SHA1
378c3458379ffbd8af45453961f1288d0adfdde7
-
SHA256
c004bc60588b380062ffab5756c1b44b309d9d52821d4beda334958146219ea0
-
SHA512
30a1ade9670227a2cc709bd13e50d47cb5dd2f5168c57994909676f8d17b8582630a77d0c82ce76cb841299893418b5ce98502ed963982ca7217c9c4daa3e657
-
SSDEEP
98304:WZWqEuz9lwfPwwwhFXBUzcboLtY5KGBLd7CfaXh:eWQhlw3whFazcboe5Kkd7Cf8h
Malware Config
Targets
-
-
Target
c004bc60588b380062ffab5756c1b44b309d9d52821d4beda334958146219ea0
-
Size
4.1MB
-
MD5
0f94ad391fdd0be0fa7ca02e6997cbfa
-
SHA1
378c3458379ffbd8af45453961f1288d0adfdde7
-
SHA256
c004bc60588b380062ffab5756c1b44b309d9d52821d4beda334958146219ea0
-
SHA512
30a1ade9670227a2cc709bd13e50d47cb5dd2f5168c57994909676f8d17b8582630a77d0c82ce76cb841299893418b5ce98502ed963982ca7217c9c4daa3e657
-
SSDEEP
98304:WZWqEuz9lwfPwwwhFXBUzcboLtY5KGBLd7CfaXh:eWQhlw3whFazcboe5Kkd7Cf8h
Score10/10-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Windows security bypass
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Windows security modification
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-