General
-
Target
8ad1c7269b4304261fc4e4b4324e4fff8a47da59a8faa8d11c567a7aeaaa958b
-
Size
4.1MB
-
Sample
230201-zlkylacb22
-
MD5
5cbfa3a1fb54201b2b78ebf69de69f54
-
SHA1
c9f85a23610e1ab6504f702c3f928653a7189c32
-
SHA256
8ad1c7269b4304261fc4e4b4324e4fff8a47da59a8faa8d11c567a7aeaaa958b
-
SHA512
600e4b1f8316021bff34cf98c55a76eac08134fc5430d7bb1b3d6da5156ac373fe7f71151880c863097933e294f54350781ada23165b04fc7ba69824cbf31dd2
-
SSDEEP
98304:tLKvZMtw66uUIzMQ5HHHNvZG+1RKlGdq2UNT2uF5gc:t+6cJIzMQ5HHHJX7dqn6uF5gc
Malware Config
Targets
-
-
Target
8ad1c7269b4304261fc4e4b4324e4fff8a47da59a8faa8d11c567a7aeaaa958b
-
Size
4.1MB
-
MD5
5cbfa3a1fb54201b2b78ebf69de69f54
-
SHA1
c9f85a23610e1ab6504f702c3f928653a7189c32
-
SHA256
8ad1c7269b4304261fc4e4b4324e4fff8a47da59a8faa8d11c567a7aeaaa958b
-
SHA512
600e4b1f8316021bff34cf98c55a76eac08134fc5430d7bb1b3d6da5156ac373fe7f71151880c863097933e294f54350781ada23165b04fc7ba69824cbf31dd2
-
SSDEEP
98304:tLKvZMtw66uUIzMQ5HHHNvZG+1RKlGdq2UNT2uF5gc:t+6cJIzMQ5HHHJX7dqn6uF5gc
Score10/10-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-