General

  • Target

    3c07b56d26a5291f28adfbfec17849f6fcff066a0dec578f1f9e0551aee91177

  • Size

    4.2MB

  • Sample

    240417-235qfaha82

  • MD5

    1a39a59881224faf7884d131c3172360

  • SHA1

    b90a2abdf54235d041f95f2c1cff7019fb860f34

  • SHA256

    3c07b56d26a5291f28adfbfec17849f6fcff066a0dec578f1f9e0551aee91177

  • SHA512

    616f4d1cf69963760961bbaaa396caa02d0b47530374e95a65b66a2216462e4c4c27b18eee0995d78b89dd793c466bec93699940f63a4f85d5e75c5664de0462

  • SSDEEP

    98304:9uj+q6TJ4wJXu5ZJ1j+7xTB8ercClYoKJ32fC3NV26E3wqtOnXcGdwYxxM:Aj+FTuwJ2ZmxTB8FOXbwqtOnFmYxM

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Modifies Windows Firewall

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
