General
-
Target
c843448b12e941206e677072e4f78a75832b157a8a5ef7736b0fc0b572027b05
-
Size
4.1MB
-
Sample
231010-12xsrsgd92
-
MD5
8d873fbc0c35dd2c2715e12bfcada1a8
-
SHA1
8f7f8efe2c07c968f020cb24c4e1815cb390d1d3
-
SHA256
c843448b12e941206e677072e4f78a75832b157a8a5ef7736b0fc0b572027b05
-
SHA512
6e2e6a8208ed0345751bf5cb94d6200fee8efd668c62cd6ac9a4feefc60273290035463e58018ea20b8dd5687baa8a2b671bc878c0b8b1abe247c1221e2e76e6
-
SSDEEP
98304:mI8OPHwS8OmnWXU606R0g8wMu6/PruMGJPN5t0X1:J8OPQS86/06t2NG1ZO
Static task
static1
Behavioral task
behavioral1
Sample
c843448b12e941206e677072e4f78a75832b157a8a5ef7736b0fc0b572027b05.exe
Resource
win7-20230831-en
Malware Config
Targets
-
-
Target
c843448b12e941206e677072e4f78a75832b157a8a5ef7736b0fc0b572027b05
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1