glupteba | 39e2e2217998a038cfc2dde28d0d3f7ad72aec185127734cda3fa7749d264076 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

39e2e2217998a038cfc2dde28d0d3f7ad72aec185127734cda3fa7749d264076
Size

4.1MB
Sample

231211-mc7psaddc8
MD5

933ae1b57e3a43db69256961a7fa87de
SHA1

7eb57ead1258377008e175c28620ad77915badae
SHA256

39e2e2217998a038cfc2dde28d0d3f7ad72aec185127734cda3fa7749d264076
SHA512

47e6c8cded469640ae08c1b9c8f5cdf218cff276471a9c73ebcf2c8f96bb48b96dc017553f65c1768f660b87fb56f5081f073a3246eaa1938fb5639cfd5f3405
SSDEEP

49152:ijlHChNZod0x4MTauE1Kwrc5nlMtnafAgl+Qmj8XW6BDDUdy+nf6FayRr+DU2MoY:clHEtjSVqnPAglVI8m6S5nf6syRqc

Score

10^/10

glupteba dropper evasion loader upx

Static task

static1

Behavioral task

behavioral1

Sample

39e2e2217998a038cfc2dde28d0d3f7ad72aec185127734cda3fa7749d264076.exe

Resource

win10v2004-20231130-en

glupteba dropper evasion loader upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  39e2e2217998a038cfc2dde28d0d3f7ad72aec185127734cda3fa7749d264076
- Size
  
  4.1MB
- MD5
  
  933ae1b57e3a43db69256961a7fa87de
- SHA1
  
  7eb57ead1258377008e175c28620ad77915badae
- SHA256
  
  39e2e2217998a038cfc2dde28d0d3f7ad72aec185127734cda3fa7749d264076
- SHA512
  
  47e6c8cded469640ae08c1b9c8f5cdf218cff276471a9c73ebcf2c8f96bb48b96dc017553f65c1768f660b87fb56f5081f073a3246eaa1938fb5639cfd5f3405
- SSDEEP
  
  49152:ijlHChNZod0x4MTauE1Kwrc5nlMtnafAgl+Qmj8XW6BDDUdy+nf6FayRr+DU2MoY:clHEtjSVqnPAglVI8m6S5nf6syRqc
Score

10^/10

glupteba dropper evasion loader upx
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba payload
- Modifies Windows Firewall
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gluptebadropperevasionloaderupx

© 2018-2025

Terms | Privacy