Analysis
-
max time kernel
96s -
max time network
99s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
28-03-2023 06:19
General
-
Target
f23c4ca83beb7d7863c38094d9fbc31d9543f720e95bf7392cf08adf42df420e.exe
-
Size
4.1MB
-
MD5
b13b665e2e40742ab6b49f50d620b464
-
SHA1
a2d79c578e760feb0c26b6626809ef3da6a3272a
-
SHA256
f23c4ca83beb7d7863c38094d9fbc31d9543f720e95bf7392cf08adf42df420e
-
SHA512
5f912340b95fdac2fe1e86b38007774ec56c05feb1d8e1265aa2aced5d3ccc149e0d7e418598d26072f0f60878cef8e83d811c7d3cb9c0eb1e377e2c9738f65f
-
SSDEEP
98304:lXpdC+AG3N331+0ioxXOrXg4JLXEXtwxhH0Q4t1aUlB7T3/YZv4wh0Nz:1lAG3iKwg4JLXECj0rzPvYZvJh0Nz
Score
10/10
Malware Config
Signatures
-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Glupteba payload 2 IoCs
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f23c4ca83beb7d7863c38094d9fbc31d9543f720e95bf7392cf08adf42df420e.exe"C:\Users\Admin\AppData\Local\Temp\f23c4ca83beb7d7863c38094d9fbc31d9543f720e95bf7392cf08adf42df420e.exe"1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1788 -s 2722⤵
- Program crash
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 1788 -ip 17881⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1788-134-0x0000000005210000-0x0000000005A87000-memory.dmpFilesize
8.5MB
-
memory/1788-135-0x0000000000400000-0x0000000002F48000-memory.dmpFilesize
43.3MB