glupteba | df60a10f240dc886783f8c3d810d726c7b267b6a5eedbee53e4be5c7ca677cf1 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

df60a10f240dc886783f8c3d810d726c7b267b6a5eedbee53e4be5c7ca677cf1
Size

4.2MB
Sample

230521-a6n4baaa9y
MD5

732f974cc9a3190f1ce32d805de04f11
SHA1

f8f673836c66ac5d40eb88307f6d42d8985c1f87
SHA256

df60a10f240dc886783f8c3d810d726c7b267b6a5eedbee53e4be5c7ca677cf1
SHA512

8e7b86b0d7f6e9c6be8b3615b44c3617a079b8f236f01c5d1d093e9263f15d1cc2a8505b53f8c72adbf7f3ab5542ab2b27389eed77782ba8fcf77ee290fb05bc
SSDEEP

98304:Z8QQP1dPSr6t8SMymQvJrSxUo22Y/85uAOjQ8d7FY4FVuOiV:BQP19SA8STNHxxuuAOjhB64A

Score

10^/10

glupteba dropper evasion loader persistence

Static task

static1

Behavioral task

behavioral1

Sample

df60a10f240dc886783f8c3d810d726c7b267b6a5eedbee53e4be5c7ca677cf1.exe

Resource

win10v2004-20230220-en

glupteba dropper evasion loader persistence

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  df60a10f240dc886783f8c3d810d726c7b267b6a5eedbee53e4be5c7ca677cf1
- Size
  
  4.2MB
- MD5
  
  732f974cc9a3190f1ce32d805de04f11
- SHA1
  
  f8f673836c66ac5d40eb88307f6d42d8985c1f87
- SHA256
  
  df60a10f240dc886783f8c3d810d726c7b267b6a5eedbee53e4be5c7ca677cf1
- SHA512
  
  8e7b86b0d7f6e9c6be8b3615b44c3617a079b8f236f01c5d1d093e9263f15d1cc2a8505b53f8c72adbf7f3ab5542ab2b27389eed77782ba8fcf77ee290fb05bc
- SSDEEP
  
  98304:Z8QQP1dPSr6t8SMymQvJrSxUo22Y/85uAOjQ8d7FY4FVuOiV:BQP19SA8STNHxxuuAOjhB64A
Score

10^/10

glupteba dropper evasion loader persistence
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba payload
- Modifies Windows Firewall
  evasion
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gluptebadropperevasionloaderpersistence

© 2018-2025

Terms | Privacy