glupteba | bc8e6d57e3498ad6da369a273b240fc44693e340fdc687758c81dfd6035df6d8 | Triage

Submit
Reports

Overview

overview

Static

static

1

0e04814720...db.exe

windows7-x64

0e04814720...db.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

0e0481472003a8e7361da8bf35cb72db
Size

4.5MB
Sample

231230-esg53aacem
MD5

0e0481472003a8e7361da8bf35cb72db
SHA1

391589f63e366dd6559b587d1485232afeb25a5c
SHA256

bc8e6d57e3498ad6da369a273b240fc44693e340fdc687758c81dfd6035df6d8
SHA512

343e82531ba29276269daae22ffb3e76b33a67a48beee64a94af4eb85f5760a87a3767efc9153d16a6cc6eb440dd3be43d52010d9246000f833a142db1e461b9
SSDEEP

98304:argRwGt7eme6jWyULYgwHUUVYhW1djzfoXMMFe8D/cqqom3IaGwifndk:aMRN7B+yzVU9hW1eMM0e/BPdaGZPm

Score

10^/10

glupteba metasploit backdoor dropper evasion loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

0e0481472003a8e7361da8bf35cb72db.exe

Resource

win7-20231129-en

glupteba metasploit backdoor dropper evasion loader trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

0e0481472003a8e7361da8bf35cb72db.exe

Resource

win10v2004-20231222-en

glupteba metasploit backdoor dropper evasion loader trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

windows/single_exec

Targets

- Target
  
  0e0481472003a8e7361da8bf35cb72db
- Size
  
  4.5MB
- MD5
  
  0e0481472003a8e7361da8bf35cb72db
- SHA1
  
  391589f63e366dd6559b587d1485232afeb25a5c
- SHA256
  
  bc8e6d57e3498ad6da369a273b240fc44693e340fdc687758c81dfd6035df6d8
- SHA512
  
  343e82531ba29276269daae22ffb3e76b33a67a48beee64a94af4eb85f5760a87a3767efc9153d16a6cc6eb440dd3be43d52010d9246000f833a142db1e461b9
- SSDEEP
  
  98304:argRwGt7eme6jWyULYgwHUUVYhW1djzfoXMMFe8D/cqqom3IaGwifndk:aMRN7B+yzVU9hW1eMM0e/BPdaGZPm
Score

10^/10

glupteba metasploit backdoor dropper evasion loader trojan
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba payload
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gluptebametasploitbackdoordropperevasionloadertrojan

behavioral2

gluptebametasploitbackdoordropperevasionloadertrojan

© 2018-2025

Terms | Privacy