glupteba | 53d93057c758cfd5e44acabe76c190596d6711cdc335d4e69ad5b6ab6cdeb206 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

53d93057c758cfd5e44acabe76c190596d6711cdc335d4e69ad5b6ab6cdeb206
Size

4.0MB
Sample

221003-ss5s1scfg8
MD5

ff5d46200224b099ce27d0d7001710d5
SHA1

1ecef1b31f60e778cca788cbbb390e8ca29c8fdf
SHA256

53d93057c758cfd5e44acabe76c190596d6711cdc335d4e69ad5b6ab6cdeb206
SHA512

b8059c44ad651d8b6c328b8a0c19409a89fc29148605b2f0e63a7412abc7938b964ae4baf5b2eba52e68a1b0da4044eed1bf1794015d9cf88e628212fa781ec8
SSDEEP

98304:06rlXRHYrUw1qhbdi5dLSk5GeiJAl/1bUDax+/1R3IXTga:7rlXRHJB+deHRA7Qg+f3IXEa

Score

10^/10

glupteba discovery dropper evasion loader persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

53d93057c758cfd5e44acabe76c190596d6711cdc335d4e69ad5b6ab6cdeb206.exe

Resource

win10-20220812-en

glupteba discovery dropper evasion loader persistence trojan

windows10-1703-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  53d93057c758cfd5e44acabe76c190596d6711cdc335d4e69ad5b6ab6cdeb206
- Size
  
  4.0MB
- MD5
  
  ff5d46200224b099ce27d0d7001710d5
- SHA1
  
  1ecef1b31f60e778cca788cbbb390e8ca29c8fdf
- SHA256
  
  53d93057c758cfd5e44acabe76c190596d6711cdc335d4e69ad5b6ab6cdeb206
- SHA512
  
  b8059c44ad651d8b6c328b8a0c19409a89fc29148605b2f0e63a7412abc7938b964ae4baf5b2eba52e68a1b0da4044eed1bf1794015d9cf88e628212fa781ec8
- SSDEEP
  
  98304:06rlXRHYrUw1qhbdi5dLSk5GeiJAl/1bUDax+/1R3IXTga:7rlXRHJB+deHRA7Qg+f3IXEa
Score

10^/10

glupteba discovery dropper evasion loader persistence trojan
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Windows security bypass
  evasion trojan
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gluptebadiscoverydropperevasionloaderpersistencetrojan

© 2018-2024

Terms | Privacy