glupteba | 65d1221aa98162f07b0a2116a00a5bebb9a1667a5dd04b9479cebd9b117e8625 | Triage

Submit
Reports

Overview

overview

Static

static

1

483615e15c...dd.exe

windows7-x64

483615e15c...dd.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

483615e15cc9d4e87654e5a7a39803dd
Size

4.5MB
Sample

231226-bj2asshaer
MD5

483615e15cc9d4e87654e5a7a39803dd
SHA1

1f4326980f1ad5b046791c5c3c3329602a00beb0
SHA256

65d1221aa98162f07b0a2116a00a5bebb9a1667a5dd04b9479cebd9b117e8625
SHA512

3adf4c46533be5d8e903bd769d62340a62b70a214bbef890ce920a9371590aa12139aaaf30ce7c739f1dca3344be7558dffd9a33a40514ee7d60fed51286cb5b
SSDEEP

98304:Qjf/cWS3aJKDmEEMZ8r2OwsKpdHt4PEUTdoMuVPBtH:3wKDtDOqOwTpdHEECuMuVP3

Score

10^/10

glupteba metasploit backdoor dropper evasion loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

483615e15cc9d4e87654e5a7a39803dd.exe

Resource

win7-20231129-en

glupteba metasploit backdoor dropper evasion loader trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

483615e15cc9d4e87654e5a7a39803dd.exe

Resource

win10v2004-20231215-en

glupteba metasploit backdoor dropper evasion loader trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

windows/single_exec

Targets

- Target
  
  483615e15cc9d4e87654e5a7a39803dd
- Size
  
  4.5MB
- MD5
  
  483615e15cc9d4e87654e5a7a39803dd
- SHA1
  
  1f4326980f1ad5b046791c5c3c3329602a00beb0
- SHA256
  
  65d1221aa98162f07b0a2116a00a5bebb9a1667a5dd04b9479cebd9b117e8625
- SHA512
  
  3adf4c46533be5d8e903bd769d62340a62b70a214bbef890ce920a9371590aa12139aaaf30ce7c739f1dca3344be7558dffd9a33a40514ee7d60fed51286cb5b
- SSDEEP
  
  98304:Qjf/cWS3aJKDmEEMZ8r2OwsKpdHt4PEUTdoMuVPBtH:3wKDtDOqOwTpdHEECuMuVP3
Score

10^/10

glupteba metasploit backdoor dropper evasion loader trojan
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba payload
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Modifies Windows Firewall
  evasion
- Modifies boot configuration data using bcdedit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gluptebametasploitbackdoordropperevasionloadertrojan

behavioral2

gluptebametasploitbackdoordropperevasionloadertrojan

© 2018-2025

Terms | Privacy