glupteba | 59267a26a688c300a3e9afafbf6bac00cd852f35c5f5f471b95758c7e0e66325 | Triage

Submit
Reports

Overview

overview

Static

static

1

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

59267a26a688c300a3e9afafbf6bac00cd852f35c5f5f471b95758c7e0e66325
Size

4.2MB
Sample

240423-s3slfahe6t
MD5

0932870a1685f7a297b813138064e4b5
SHA1

63f215407f149f6c9ec42b613b5a78ff180084ac
SHA256

59267a26a688c300a3e9afafbf6bac00cd852f35c5f5f471b95758c7e0e66325
SHA512

3193a8f8d7fc6495369145d510d3d15c591f2007881b9771f5334ec3e093c0bf6c33a35ed17d39e0d13fb7212f60af9d144c5947ef6f693b0ba21d39639ee33a
SSDEEP

98304:9+Gg6aXQ+/QyN9wV3/YhHbVpnwBVKjBiw+3St8KHP:OXQwQ89A3/Y5DnwBWu3Q8Kv

Score

10^/10

glupteba dropper evasion loader upx

Static task

static1

Behavioral task

behavioral1

Sample

59267a26a688c300a3e9afafbf6bac00cd852f35c5f5f471b95758c7e0e66325.exe

Resource

win10v2004-20240412-en

glupteba dropper evasion loader upx

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

59267a26a688c300a3e9afafbf6bac00cd852f35c5f5f471b95758c7e0e66325.exe

Resource

win11-20240412-en

glupteba dropper evasion loader upx

windows11-21h2-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  59267a26a688c300a3e9afafbf6bac00cd852f35c5f5f471b95758c7e0e66325
- Size
  
  4.2MB
- MD5
  
  0932870a1685f7a297b813138064e4b5
- SHA1
  
  63f215407f149f6c9ec42b613b5a78ff180084ac
- SHA256
  
  59267a26a688c300a3e9afafbf6bac00cd852f35c5f5f471b95758c7e0e66325
- SHA512
  
  3193a8f8d7fc6495369145d510d3d15c591f2007881b9771f5334ec3e093c0bf6c33a35ed17d39e0d13fb7212f60af9d144c5947ef6f693b0ba21d39639ee33a
- SSDEEP
  
  98304:9+Gg6aXQ+/QyN9wV3/YhHbVpnwBVKjBiw+3St8KHP:OXQwQ89A3/Y5DnwBWu3Q8Kv
Score

10^/10

glupteba dropper evasion loader upx
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba payload
- Modifies Windows Firewall
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gluptebadropperevasionloaderupx

behavioral2

gluptebadropperevasionloaderupx

© 2018-2024

Terms | Privacy