{
	"id": "9e8dbd4c-a90c-468f-a2c6-5c0c1d9444fb",
	"created_at": "2026-04-06T00:13:37.999224Z",
	"updated_at": "2026-04-10T03:21:01.433815Z",
	"deleted_at": null,
	"sha1_hash": "13af7fc88890923a0539183970a81ebb94eb7b33",
	"title": "GlobeImposter (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 29287,
	"plain_text": "GlobeImposter (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-05 22:37:22 UTC\r\nGlobeImposter is a ransomware application which is mainly distributed via \"blank slate\" spam (the spam has no\r\nmessage content and an attached ZIP file), exploits, malicious advertising, fake updates, and repacked installers.\r\nGlobeImposter mimics the Globe ransomware family.\r\nThis malware may prevent execution of Anti-Virus solutions and other OS related security features and may\r\nprevent system restoration.\r\n[TLP:WHITE] win_globeimposter_auto (20251219 | Detects win.globeimposter.)\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.globeimposter\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.globeimposter\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.globeimposter"
	],
	"report_names": [
		"win.globeimposter"
	],
	"threat_actors": [],
	"ts_created_at": 1775434417,
	"ts_updated_at": 1775791261,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/13af7fc88890923a0539183970a81ebb94eb7b33.pdf",
		"text": "https://archive.orkl.eu/13af7fc88890923a0539183970a81ebb94eb7b33.txt",
		"img": "https://archive.orkl.eu/13af7fc88890923a0539183970a81ebb94eb7b33.jpg"
	}
}