glupteba | 53a419c0cdd228f69f3527a59297dd87a0ac630cb4d703829d4ffd0b9c722e88 | Triage

Submit
Reports

Overview

overview

Static

static

1

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

53a419c0cdd228f69f3527a59297dd87a0ac630cb4d703829d4ffd0b9c722e88
Size

4.2MB
Sample

240425-l5wbsahf6z
MD5

c750975d21fe03ef646fe95d2e021cab
SHA1

ed0548ff4049ae147cd7b1ecd9cd4930559705c6
SHA256

53a419c0cdd228f69f3527a59297dd87a0ac630cb4d703829d4ffd0b9c722e88
SHA512

f01461bee2efb7e9e197c41959ae2760eb6957647f2deb03e99850c45c3c7754770e60e2ce3986e2a1865308616628d750f7f53ed45614a88177776f5a5db0fa
SSDEEP

98304:ZVZ8YaHLZbdTGPWbzvCz1SbsIN2xntSV3Lk4gGf7SZ7O3TWurZ:ZVdUTGUCz4L243Lk4Du1OjWc

Score

10^/10

glupteba dropper evasion loader upx

Static task

static1

Behavioral task

behavioral1

Sample

53a419c0cdd228f69f3527a59297dd87a0ac630cb4d703829d4ffd0b9c722e88.exe

Resource

win10v2004-20240412-en

glupteba dropper evasion loader upx

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

53a419c0cdd228f69f3527a59297dd87a0ac630cb4d703829d4ffd0b9c722e88.exe

Resource

win11-20240412-en

glupteba dropper evasion loader upx

windows11-21h2-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  53a419c0cdd228f69f3527a59297dd87a0ac630cb4d703829d4ffd0b9c722e88
- Size
  
  4.2MB
- MD5
  
  c750975d21fe03ef646fe95d2e021cab
- SHA1
  
  ed0548ff4049ae147cd7b1ecd9cd4930559705c6
- SHA256
  
  53a419c0cdd228f69f3527a59297dd87a0ac630cb4d703829d4ffd0b9c722e88
- SHA512
  
  f01461bee2efb7e9e197c41959ae2760eb6957647f2deb03e99850c45c3c7754770e60e2ce3986e2a1865308616628d750f7f53ed45614a88177776f5a5db0fa
- SSDEEP
  
  98304:ZVZ8YaHLZbdTGPWbzvCz1SbsIN2xntSV3Lk4gGf7SZ7O3TWurZ:ZVdUTGUCz4L243Lk4Du1OjWc
Score

10^/10

glupteba dropper evasion loader upx
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba payload
- Modifies Windows Firewall
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gluptebadropperevasionloaderupx

behavioral2

gluptebadropperevasionloaderupx

© 2018-2024

Terms | Privacy