General

  • Target

    91c144a59bde0a0df60754d0b6beb12ca6be307c3900dc212410c60390fb541b

  • Size

    4.2MB

  • Sample

    240509-27ttqsff93

  • MD5

    1747190f4dfae80f465fadd76febe581

  • SHA1

    5442bfe5ef0f70f655e2b9d1744ca98e7b0f9b93

  • SHA256

    91c144a59bde0a0df60754d0b6beb12ca6be307c3900dc212410c60390fb541b

  • SHA512

    c4d54873c302cd0c21a739f1753dfdd4a0518de9331fc15cdd33b1be43a55c5091486608770b781d5109448de1dbe98d226c9b00eb336c1f9ba575c6de430384

  • SSDEEP

    98304:cdBFtQBAe6Mq3XPKS49jjLuCFfDOw5elpHBKlxxK3:cPQSrdt4jjLuCFrF5elpYlxxW

Malware Config

Targets

    • Target

      91c144a59bde0a0df60754d0b6beb12ca6be307c3900dc212410c60390fb541b

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba payload

    • Modifies Windows Firewall

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Modifies boot configuration data using bcdedit

MITRE ATT&CK Enterprise v15

Tasks