glupteba | 45164f55a319aeb0e3c3a959c9169c5f464bc95af4efcd9f56befef7208371df | Triage

Submit
Reports

Overview

overview

Static

static

45164f55a3...df.exe

windows7_x64

45164f55a3...df.exe

windows10-2004_x64

Sharing

General

Target

45164f55a319aeb0e3c3a959c9169c5f464bc95af4efcd9f56befef7208371df
Size

3.9MB
Sample

220509-ax1ezsbge6
MD5

2be54f9ad0468543a07a896b5fc5030c
SHA1

9a8e7d24190ce69979119add12194bdc17101923
SHA256

45164f55a319aeb0e3c3a959c9169c5f464bc95af4efcd9f56befef7208371df
SHA512

08a95e2be1fa32faa3c38c50a13cf78fb0f201209dedd25b160eefccde8f18d8500d1809cd3cb9d08f6ed754dcd154c576c7986759d17aaa7496793d71175f31

Score

10^/10

glupteba dropper evasion loader

Static task

static1

Behavioral task

behavioral1

Sample

45164f55a319aeb0e3c3a959c9169c5f464bc95af4efcd9f56befef7208371df.exe

Resource

win7-20220414-en

glupteba dropper evasion loader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

45164f55a319aeb0e3c3a959c9169c5f464bc95af4efcd9f56befef7208371df.exe

Resource

win10v2004-20220414-en

glupteba dropper evasion loader

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  45164f55a319aeb0e3c3a959c9169c5f464bc95af4efcd9f56befef7208371df
- Size
  
  3.9MB
- MD5
  
  2be54f9ad0468543a07a896b5fc5030c
- SHA1
  
  9a8e7d24190ce69979119add12194bdc17101923
- SHA256
  
  45164f55a319aeb0e3c3a959c9169c5f464bc95af4efcd9f56befef7208371df
- SHA512
  
  08a95e2be1fa32faa3c38c50a13cf78fb0f201209dedd25b160eefccde8f18d8500d1809cd3cb9d08f6ed754dcd154c576c7986759d17aaa7496793d71175f31
Score

10^/10

glupteba dropper evasion loader
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba Payload
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Modifies Windows Firewall
  evasion
- Modifies boot configuration data using bcdedit
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gluptebadropperevasionloader

behavioral2

gluptebadropperevasionloader

© 2018-2024

Terms | Privacy