Extracted

• • Target

    57b10105a6def31c74e6b5bd1182de81

  • Size

    4.4MB

  • MD5

    57b10105a6def31c74e6b5bd1182de81

  • SHA1

    18ad0688033fe360b90a96f5374ef4414c2e4f32

  • SHA256

    7159e4ff1500b6f091105907e3aebbb27758c966231e4be0cbb0c85832b4f0e6

  • SHA512

    98da377b01c4fbcf9cf09f2df7710224848e2f57966894459dba18fa10c522c593709ba0e61830bd23cdb952f3678a0598861073ca40a340f3bd235dd064c34d

  • SSDEEP

    98304:Lg3aFLu687Bg/hl/Qcl3sCGCPWbi8+/7NkKpFWBsE:3lul7Bg5l/QerPEA/RkUWj

  Score

  10^/10

  gluptebametasploitbackdoordropperevasionloadertrojan

  • Glupteba

    Glupteba is a modular loader written in Golang with various components.

    loaderdropperglupteba

  • Glupteba payload

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Modifies Windows Firewall

    evasion

  • Modifies boot configuration data using bcdedit

  behavioral1behavioral2