General

  • Target

    eff8452fdc6b400080a7619716061d25d5a3fe796846349dbd7ed54f119b32e9

  • Size

    4.2MB

  • Sample

    240418-lneygaaf3w

  • MD5

    45c9d7a48266d67c5df7a16af51edc6b

  • SHA1

    2fe0c2e8625690606a0d7967e03a4e90819cd060

  • SHA256

    eff8452fdc6b400080a7619716061d25d5a3fe796846349dbd7ed54f119b32e9

  • SHA512

    37bb76a37dc6422119936ab7e4b2c0304cfe287fc25a27462196525b27f39872e5d095aebcc4bd55213641d1d5e1aa1efb6d2e1d88580c4ad749ee3f00189f78

  • SSDEEP

    98304:kCPl518CIueKP5d7oVK7H7yJZnHQCD3+yubJ0gajSK:B518Ue6qZnwCDRsJZVK

Targets

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Modifies Windows Firewall

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
