General
-
Target
JC_9ed58b86b74f85df2c795d96484053805536d3dd9b3fc81047aef2e9595b9993
-
Size
4.2MB
-
Sample
231013-c34eyaba6y
-
MD5
a9df4c6a529659c4e833c17d1ff57090
-
SHA1
e42eb1696f98947c9ef1f805947d7f38d93bf8bb
-
SHA256
9ed58b86b74f85df2c795d96484053805536d3dd9b3fc81047aef2e9595b9993
-
SHA512
c3883e031127c15dd6be524e5728c01ddefed94b67279de4dbad0fc270004f82dfac875e51f56e93c8924b694a8b564de12da7a875eaedf984e020ae16b71c4b
-
SSDEEP
98304:POTW8ZdWFo+dTMaKwatD/LbEKr19Wf08sDMpxP76ImAY9otrzn34hni:yZdWFfhMTwq/LbJx9hD0PzmAFtX3Wi
Static task
static1
Behavioral task
behavioral1
Sample
JC_9ed58b86b74f85df2c795d96484053805536d3dd9b3fc81047aef2e9595b9993.exe
Resource
win7-20230831-en
Malware Config
Targets
-
Target
JC_9ed58b86b74f85df2c795d96484053805536d3dd9b3fc81047aef2e9595b9993
-
Glupteba payload
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Possible attempt to disable PatchGuard
Rootkits can use kernel patching to embed themselves in an operating system.
-