glupteba | 28e08fb2abe4cd45cb653a2540e2aa13ea088b600b9d36ffeb74c13e9a46d671 | Triage

Submit
Reports

Overview

overview

Static

static

1

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

28e08fb2abe4cd45cb653a2540e2aa13ea088b600b9d36ffeb74c13e9a46d671
Size

4.2MB
Sample

231224-195hksdhb9
MD5

3713e6201d3af8b21e49af657ed92747
SHA1

efa27878de0a2f3376d10806a6a4b11cec1c328f
SHA256

28e08fb2abe4cd45cb653a2540e2aa13ea088b600b9d36ffeb74c13e9a46d671
SHA512

c0ab57692fd713846c3506d51fe792c32c0338f770c94a69e9430ed1d0f34f3e8ee589d6e95e708a123cfa708b8755e72ab2a66314d558e46e56bb1afe605ad9
SSDEEP

98304:xid6ElEk5mXW0dnXr7lNIYp/jeOdAutOrZKnCvBs7toCOVmK7:Qd6mt5mm+nX7x/jIksOCQtoFVt7

Score

10^/10

glupteba dropper evasion loader upx

Static task

static1

Behavioral task

behavioral1

Sample

28e08fb2abe4cd45cb653a2540e2aa13ea088b600b9d36ffeb74c13e9a46d671.exe

Resource

win7-20231215-en

glupteba dropper evasion loader upx

windows7-x64

7 signatures

300 seconds

Behavioral task

behavioral2

Sample

28e08fb2abe4cd45cb653a2540e2aa13ea088b600b9d36ffeb74c13e9a46d671.exe

Resource

win10-20231215-en

glupteba dropper evasion loader upx

windows10-1703-x64

6 signatures

300 seconds

Malware Config

Targets

- Target
  
  28e08fb2abe4cd45cb653a2540e2aa13ea088b600b9d36ffeb74c13e9a46d671
- Size
  
  4.2MB
- MD5
  
  3713e6201d3af8b21e49af657ed92747
- SHA1
  
  efa27878de0a2f3376d10806a6a4b11cec1c328f
- SHA256
  
  28e08fb2abe4cd45cb653a2540e2aa13ea088b600b9d36ffeb74c13e9a46d671
- SHA512
  
  c0ab57692fd713846c3506d51fe792c32c0338f770c94a69e9430ed1d0f34f3e8ee589d6e95e708a123cfa708b8755e72ab2a66314d558e46e56bb1afe605ad9
- SSDEEP
  
  98304:xid6ElEk5mXW0dnXr7lNIYp/jeOdAutOrZKnCvBs7toCOVmK7:Qd6mt5mm+nX7x/jIksOCQtoFVt7
Score

10^/10

glupteba dropper evasion loader upx
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba payload
- Modifies Windows Firewall
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Modifies boot configuration data using bcdedit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gluptebadropperevasionloaderupx

behavioral2

gluptebadropperevasionloaderupx

© 2018-2025

Terms | Privacy