glupteba | 07d77f3297dc7ecc70c415f553d03093faf769a59e9905cba2cbf811e4cc6bba | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

07d77f3297dc7ecc70c415f553d03093faf769a59e9905cba2cbf811e4cc6bba
Size

4.2MB
Sample

230127-q67hnabd82
MD5

18cd8a14ce73f1c7a4472c19f890735d
SHA1

393d3f1b41bccb8c233149d294e28a99093c3436
SHA256

07d77f3297dc7ecc70c415f553d03093faf769a59e9905cba2cbf811e4cc6bba
SHA512

cd3089052417671b444619eb08cc18f2cb99422f49182a10d07ac2773373a497bf2635d335485e65a60e9ff391911314fc1c84a1ac871f5066c6462b4743726b
SSDEEP

98304:xWNB1CbqzpS91CEidw2BD2iflouVXpE4+4aRUCF9Gp:O1oM8XidBT9oI53raRO

Score

10^/10

glupteba discovery dropper evasion loader persistence trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

07d77f3297dc7ecc70c415f553d03093faf769a59e9905cba2cbf811e4cc6bba.exe

Resource

win10-20220812-en

glupteba discovery dropper evasion loader persistence trojan upx

windows10-1703-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  07d77f3297dc7ecc70c415f553d03093faf769a59e9905cba2cbf811e4cc6bba
- Size
  
  4.2MB
- MD5
  
  18cd8a14ce73f1c7a4472c19f890735d
- SHA1
  
  393d3f1b41bccb8c233149d294e28a99093c3436
- SHA256
  
  07d77f3297dc7ecc70c415f553d03093faf769a59e9905cba2cbf811e4cc6bba
- SHA512
  
  cd3089052417671b444619eb08cc18f2cb99422f49182a10d07ac2773373a497bf2635d335485e65a60e9ff391911314fc1c84a1ac871f5066c6462b4743726b
- SSDEEP
  
  98304:xWNB1CbqzpS91CEidw2BD2iflouVXpE4+4aRUCF9Gp:O1oM8XidBT9oI53raRO
Score

10^/10

glupteba discovery dropper evasion loader persistence trojan upx
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Windows security bypass
  evasion trojan
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

gluptebadiscoverydropperevasionloaderpersistencetrojanupx

© 2018-2024

Terms | Privacy