General

  • Target

    f18cedf4b99abbcc778c1b6925a46c64bf7383782c9a48dbcca4e7949f8381f6

  • Size

    4.2MB

  • Sample

    240419-x3y6fadc39

  • MD5

    0796ac200d1f3642b598d14cf31606a1

  • SHA1

    149e9647d003952a2b1a001c1510167158022cea

  • SHA256

    f18cedf4b99abbcc778c1b6925a46c64bf7383782c9a48dbcca4e7949f8381f6

  • SHA512

    bb49e5f61975654800fa822e018275266c28c9fbec3dd6a2c93484a815d8e72d0df4d6dd66d3eb6d9e4c228272ab6d22896cc92c31d19857e06f3b8a741c69a5

  • SSDEEP

    98304:btwUIgr6Tu/hivXD0fl0IvZVjhgp1+mYFjvUcmYnimsjZaHeK:Jw6rquKXDtU1Y2GYniVjUH3

Targets

    • Target

      f18cedf4b99abbcc778c1b6925a46c64bf7383782c9a48dbcca4e7949f8381f6

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Modifies Windows Firewall

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
