General
Target

287621cbd3dd3c8cfa36ea8482dd66be0eba17b701a1578251ec10cf4c04afb9

Size

3MB

Sample

220523-z89v8sccbn

Score
10/10
MD5

2d48cb04270279d2671002d34e14153a

SHA1

952c2fb3dc4557c49b0b91b3ee6a19083e455d81

SHA256

287621cbd3dd3c8cfa36ea8482dd66be0eba17b701a1578251ec10cf4c04afb9

SHA512

aa83e36687809cb30efda459b3f510ef5878f01985b678bc7bfa7c5965fa99d9257ff270219a618e29920a8230ee8f074d96eaf04873223388e86af0be8ad62e

Malware Config
Targets
Target

287621cbd3dd3c8cfa36ea8482dd66be0eba17b701a1578251ec10cf4c04afb9

MD5

2d48cb04270279d2671002d34e14153a

Filesize

3MB

Score
10/10
SHA1

952c2fb3dc4557c49b0b91b3ee6a19083e455d81

SHA256

287621cbd3dd3c8cfa36ea8482dd66be0eba17b701a1578251ec10cf4c04afb9

SHA512

aa83e36687809cb30efda459b3f510ef5878f01985b678bc7bfa7c5965fa99d9257ff270219a618e29920a8230ee8f074d96eaf04873223388e86af0be8ad62e

Tags

Signatures

  • Glupteba

    Description

    Glupteba is a modular loader written in Golang with various components.

    Tags

  • Glupteba Payload

  • Suspicious use of NtCreateUserProcessOtherParentProcess

  • Windows security bypass

    Tags

    TTPs

    Disabling Security ToolsModify Registry
  • Executes dropped EXE

  • Modifies Windows Firewall

    Tags

    TTPs

    Modify Existing Service
  • Loads dropped DLL

  • Windows security modification

    Tags

    TTPs

    Disabling Security ToolsModify Registry
  • Adds Run key to start application

    Tags

    TTPs

    Registry Run Keys / Startup FolderModify Registry
  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    Tags

    TTPs

    Query Registry
  • Modifies boot configuration data using bcdedit

  • Drops file in System32 directory

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Discovery
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Privilege Escalation
                    Tasks

                    static1

                    Score
                    N/A

                    behavioral2

                    Score
                    10/10