General

  • Target

    61cdb6ad4ad643feefd9e21ebdc4b856

  • Size

    4.4MB

  • Sample

    240117-fqg8qahael

  • MD5

    61cdb6ad4ad643feefd9e21ebdc4b856

  • SHA1

    43ba3c9ab74063d996953bd97d97a603628beb73

  • SHA256

    fdf6e02efbbcda036e5d5cf562c2c93920e834de040cfccc5fbada4ecd821b70

  • SHA512

    7e0851ab31443cf28061fc1b09c9469f3cd1275ff84226fc65c11483b8e5525a19b2e5616b6c5996f262cd922e7b23ad4c873cb4fb109082ba5239b7a1531cb8

  • SSDEEP

    98304:ad35VgGMr/CliRRIEoCyfgL2pxYk46TNTkWObOaSiJ6VK:ugGMzClgToXYa3tNT6OJw

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/single_exec

Targets

    • Target

      61cdb6ad4ad643feefd9e21ebdc4b856

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Modifies Windows Firewall
