Overview

overview

10

Static

static

1

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    09ef8f71cc5c84e05b318f791d60da0326d3875f05fc21b6b7834095dd45e39a

  • Size

    4.1MB

  • Sample

    240429-yfnxmabd6s

  • MD5

    e0c400fa86fd650de141c95a44ecabb5

  • SHA1

    c737e8c76ca78f6013a5d312a82e52fefb67e354

  • SHA256

    09ef8f71cc5c84e05b318f791d60da0326d3875f05fc21b6b7834095dd45e39a

  • SHA512

    cd6842bc709eea156291ce4aa2c0495fc8bb80f2bc6b55a54d6233b46d2661a5c25d9a0032f4ce8f29a6d34dcf2f4ec6394180fa95e6ef39a28f2d8f29b318b9

  • SSDEEP

    98304:BdQuuPHa5MdStgxripkXnRwi4vnPQHeH26Ah+8mVZTf:guu/awStgipkXtkP6Lof

Score
10/10
gluptebadropperevasionloaderupx

Malware Config

Targets

    • Target

      09ef8f71cc5c84e05b318f791d60da0326d3875f05fc21b6b7834095dd45e39a

    • Size

      4.1MB

    • MD5

      e0c400fa86fd650de141c95a44ecabb5

    • SHA1

      c737e8c76ca78f6013a5d312a82e52fefb67e354

    • SHA256

      09ef8f71cc5c84e05b318f791d60da0326d3875f05fc21b6b7834095dd45e39a

    • SHA512

      cd6842bc709eea156291ce4aa2c0495fc8bb80f2bc6b55a54d6233b46d2661a5c25d9a0032f4ce8f29a6d34dcf2f4ec6394180fa95e6ef39a28f2d8f29b318b9

    • SSDEEP

      98304:BdQuuPHa5MdStgxripkXnRwi4vnPQHeH26Ah+8mVZTf:guu/awStgipkXtkP6Lof

    Score
    10/10
    gluptebadropperevasionloaderupx

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

      loaderdropperglupteba

    • Glupteba payload

    • Modifies Windows Firewall

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks