Overview

overview

10

Static

static

009dae0a48...63.exe

windows7_x64

10

009dae0a48...63.exe

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    009dae0a4892cc0d44f4d230edb301d10cf37b76d724b546880f48c21a9d9563

  • Size

    3.8MB

  • Sample

    220524-qc46fabgb8

  • MD5

    59a8ad9df39a24463e6f88be2f5658aa

  • SHA1

    6c7d2b44eb640be26358eb7bbe68e5189accc329

  • SHA256

    009dae0a4892cc0d44f4d230edb301d10cf37b76d724b546880f48c21a9d9563

  • SHA512

    305ea17ef8531bb71e09d67c3253de8a4d3f2c9802c26a4c1605e2c1164dfb2a7b3d55123840692957ba9c107fb36e890eb1ed01b6a9826ea1c543efbfae1b3b

Score
10/10
gluptebadropperevasionloadersuricata

Malware Config

Targets

    • Target

      009dae0a4892cc0d44f4d230edb301d10cf37b76d724b546880f48c21a9d9563

    • Size

      3.8MB

    • MD5

      59a8ad9df39a24463e6f88be2f5658aa

    • SHA1

      6c7d2b44eb640be26358eb7bbe68e5189accc329

    • SHA256

      009dae0a4892cc0d44f4d230edb301d10cf37b76d724b546880f48c21a9d9563

    • SHA512

      305ea17ef8531bb71e09d67c3253de8a4d3f2c9802c26a4c1605e2c1164dfb2a7b3d55123840692957ba9c107fb36e890eb1ed01b6a9826ea1c543efbfae1b3b

    Score
    10/10
    gluptebadropperevasionloadersuricata

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

      loaderdropperglupteba

    • Glupteba Payload

    • suricata: ET MALWARE Glupteba CnC Domain in DNS Lookup

      suricata: ET MALWARE Glupteba CnC Domain in DNS Lookup

      suricata

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks