Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

221f7a1936cab2179b7359d06c6b37952fb97648595ee8a72b409ef73385013f
Size

4MB
Sample

230202-q6gx1adc91
MD5

a8f59c9814b70f8ee0ca2c30c0112afb
SHA1

24f1618d466d601b3d0c7ab1b41411d100a0e3bd
SHA256

221f7a1936cab2179b7359d06c6b37952fb97648595ee8a72b409ef73385013f
SHA512

414b8138a08189a4e8552e5e52a36b005cd4dbdefffbb267568106080a857a5f8e502302f2a9dfaa111d701e521d3b09ca15457f4e8ecd483187feaedc9dd3d5
SSDEEP

98304:v8+tOgQNJoxnPTtSIZTCNfXKCvPF8rRb7pumT7qb7g:0+tcNJoRPT1ZTCldHWnpumTsg

Score

10^/10

glupteba discovery dropper evasion loader persistence trojan upx

Malware Config

Targets

- Target
  
  221f7a1936cab2179b7359d06c6b37952fb97648595ee8a72b409ef73385013f
- Size
  
  4MB
- MD5
  
  a8f59c9814b70f8ee0ca2c30c0112afb
- SHA1
  
  24f1618d466d601b3d0c7ab1b41411d100a0e3bd
- SHA256
  
  221f7a1936cab2179b7359d06c6b37952fb97648595ee8a72b409ef73385013f
- SHA512
  
  414b8138a08189a4e8552e5e52a36b005cd4dbdefffbb267568106080a857a5f8e502302f2a9dfaa111d701e521d3b09ca15457f4e8ecd483187feaedc9dd3d5
- SSDEEP
  
  98304:v8+tOgQNJoxnPTtSIZTCNfXKCvPF8rRb7pumT7qb7g:0+tcNJoRPT1ZTCldHWnpumTsg
Score

10^/10

glupteba discovery dropper evasion loader persistence trojan upx
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Windows security bypass
  evasion trojan
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Query Registry

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

gluptebadiscoverydropperevasionloaderpersistencetrojanupx