glupteba | add5bc2ef9acbcde5ca424f68e12316b477f6c74319873009eca7fb8fe6b9bf1 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

add5bc2ef9acbcde5ca424f68e12316b477f6c74319873009eca7fb8fe6b9bf1
Size

4.1MB
Sample

231107-mqfs8afe98
MD5

834c750f83412669861fa82690848028
SHA1

e96ac706ca14012f12a0aca76f781b4980703ef9
SHA256

add5bc2ef9acbcde5ca424f68e12316b477f6c74319873009eca7fb8fe6b9bf1
SHA512

ff7d2a6c7da8627f0d30f7f0c96c4c9e78d5a3aa526fbe3e944619b45814cf8a251bf15e4c7f392f5440bad02d4c514f9faea25b2fc629274671d60c2f960695
SSDEEP

98304:Qa3inGKt/6ZpALsWXm8odTyyYqR3xqmOt:b6/6Iy8oYuYpt

Score

10^/10

glupteba dropper evasion loader persistence

Static task

static1

Behavioral task

behavioral1

Sample

add5bc2ef9acbcde5ca424f68e12316b477f6c74319873009eca7fb8fe6b9bf1.exe

Resource

win10v2004-20231023-en

glupteba dropper evasion loader persistence

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  add5bc2ef9acbcde5ca424f68e12316b477f6c74319873009eca7fb8fe6b9bf1
- Size
  
  4.1MB
- MD5
  
  834c750f83412669861fa82690848028
- SHA1
  
  e96ac706ca14012f12a0aca76f781b4980703ef9
- SHA256
  
  add5bc2ef9acbcde5ca424f68e12316b477f6c74319873009eca7fb8fe6b9bf1
- SHA512
  
  ff7d2a6c7da8627f0d30f7f0c96c4c9e78d5a3aa526fbe3e944619b45814cf8a251bf15e4c7f392f5440bad02d4c514f9faea25b2fc629274671d60c2f960695
- SSDEEP
  
  98304:Qa3inGKt/6ZpALsWXm8odTyyYqR3xqmOt:b6/6Iy8oYuYpt
Score

10^/10

glupteba dropper evasion loader persistence
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba payload
- Modifies Windows Firewall
  evasion
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gluptebadropperevasionloaderpersistence

© 2018-2024

Terms | Privacy