General
-
Target
087918f4ba4ce83037744e4f5318808b728ee909baec3583aefba31f5330f311
-
Size
4.1MB
-
Sample
230204-lcavdagc71
-
MD5
92cdb723c9bc76df099e046630dafd3b
-
SHA1
3768f00fa6f7e88d6c292792c2c9a142649d32f9
-
SHA256
087918f4ba4ce83037744e4f5318808b728ee909baec3583aefba31f5330f311
-
SHA512
df46efaf21684ad0c33f0c767544ec5b642f0411c18d2497fc5493c5944f4ff3eb3067664644518e0233e55035fc7e72b8821fabed73ade4af4b3985b5575446
-
SSDEEP
98304:/ftowq6CEEa1HhX7d2cehq1CUZsttxdqIV0F6uQHq3dKmA:3to4TyUGttxkk0FcHcMx
Malware Config
Targets
-
-
Target
087918f4ba4ce83037744e4f5318808b728ee909baec3583aefba31f5330f311
-
Size
4.1MB
-
MD5
92cdb723c9bc76df099e046630dafd3b
-
SHA1
3768f00fa6f7e88d6c292792c2c9a142649d32f9
-
SHA256
087918f4ba4ce83037744e4f5318808b728ee909baec3583aefba31f5330f311
-
SHA512
df46efaf21684ad0c33f0c767544ec5b642f0411c18d2497fc5493c5944f4ff3eb3067664644518e0233e55035fc7e72b8821fabed73ade4af4b3985b5575446
-
SSDEEP
98304:/ftowq6CEEa1HhX7d2cehq1CUZsttxdqIV0F6uQHq3dKmA:3to4TyUGttxkk0FcHcMx
Score10/10-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies Windows Firewall
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-