Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c73561e1c715f20ba2c9583d41734dbe94a2b560c7bbaed33dd07b1dd9b55f9d

  • Size

    4.3MB

  • Sample

    210926-svcv1sehhp

  • MD5

    b00297c8c05f659406b569f29c3197fc

  • SHA1

    cf0727b0395eb156ae0d36a4a4e53d15ac26fb9f

  • SHA256

    c73561e1c715f20ba2c9583d41734dbe94a2b560c7bbaed33dd07b1dd9b55f9d

  • SHA512

    ee0ca3fc2fe1245e220d0f9b4e4c80a25ba65fce711ebc1603890a68d0aa8ca3e36d03cd670688d0bcd83ea62d4ca6f4dc623647f888f34bbd08a4a6665e4d25

Score
10/10
gluptebametasploitbackdoordropperloadertrojan

Malware Config

Extracted

Family

metasploit

Version

windows/single_exec

Targets

    • Target

      c73561e1c715f20ba2c9583d41734dbe94a2b560c7bbaed33dd07b1dd9b55f9d

    • Size

      4.3MB

    • MD5

      b00297c8c05f659406b569f29c3197fc

    • SHA1

      cf0727b0395eb156ae0d36a4a4e53d15ac26fb9f

    • SHA256

      c73561e1c715f20ba2c9583d41734dbe94a2b560c7bbaed33dd07b1dd9b55f9d

    • SHA512

      ee0ca3fc2fe1245e220d0f9b4e4c80a25ba65fce711ebc1603890a68d0aa8ca3e36d03cd670688d0bcd83ea62d4ca6f4dc623647f888f34bbd08a4a6665e4d25

    Score
    10/10
    gluptebametasploitbackdoordropperloadertrojan

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

      loaderdropperglupteba

    • Glupteba Payload

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks