General
-
Target
JC_80500c407a30bdf49f1d44374085deda807515b7eb0ce68f9fb583e159fa24b3
-
Size
4.3MB
-
Sample
231013-c6crdsda24
-
MD5
76443cb4428655a3d10165047d374d48
-
SHA1
5d2373cfb960dccaa1139b7863231273b5beab8c
-
SHA256
80500c407a30bdf49f1d44374085deda807515b7eb0ce68f9fb583e159fa24b3
-
SHA512
f8783799a859af57c4a649f55f16090fa4dc5afbf447c16abf9f62cb9c3e85134c1aa35dc4d9e8593e2b18996a7345af9f6c3f1ef1cca526e6364a3324d29d5f
-
SSDEEP
98304:ACdw5AxoPYwgxaszoi0roCYmOPtJQTcjhXx3zgLn:jdwqxoPYwgM4oixCKXjn3A
Static task
static1
Behavioral task
behavioral1
Sample
JC_80500c407a30bdf49f1d44374085deda807515b7eb0ce68f9fb583e159fa24b3.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
JC_80500c407a30bdf49f1d44374085deda807515b7eb0ce68f9fb583e159fa24b3.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
Target
JC_80500c407a30bdf49f1d44374085deda807515b7eb0ce68f9fb583e159fa24b3
-
Glupteba payload
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Possible attempt to disable PatchGuard
Rootkits can use kernel patching to embed themselves in an operating system.