glupteba | cb42dd6ea9c48507af2bebbb13f82a0bf3e8f76862abfa384c1ad85d337f7455

Analysis

max time kernel
0s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
04/05/2024, 11:25

Target

cb42dd6ea9c48507af2bebbb13f82a0bf3e8f76862abfa384c1ad85d337f7455.exe
Size

4.2MB
MD5

a03740a738adbfefd98e2468076c5ffe
SHA1

31abcb50776ee304ac1007a54d9f54f67ec3ac0d
SHA256

cb42dd6ea9c48507af2bebbb13f82a0bf3e8f76862abfa384c1ad85d337f7455
SHA512

c784259f11861dc018997f7daba8587498bcd08da14c9bcab4ee6120dd6267d7aa7bbce84a811b72ad233da982711655addd69d4b5cc5e9e4f57e1d9ade5e111
SSDEEP

98304:v3cPOagjlLvvlpDQlmkEcQj7VAyg5wMxEXna8l53ZXlfrGj+WY9D:P9aghtfVHgaMxMnLFZX1r3WmD

Score

10^/10

Glupteba
Glupteba is a modular loader written in Golang with various components.
loader dropper glupteba

Glupteba payload 2 IoCs

resource	yara_rule
behavioral2/memory/2656-2-0x0000000003F00000-0x00000000047EB000-memory.dmp	family_glupteba
behavioral2/memory/2656-3-0x0000000000400000-0x0000000000D1C000-memory.dmp	family_glupteba

C:\Users\Admin\AppData\Local\Temp\cb42dd6ea9c48507af2bebbb13f82a0bf3e8f76862abfa384c1ad85d337f7455.exe
"C:\Users\Admin\AppData\Local\Temp\cb42dd6ea9c48507af2bebbb13f82a0bf3e8f76862abfa384c1ad85d337f7455.exe"
1⤵
PID:2656

memory/2656-1-0x0000000003B00000-0x0000000003F00000-memory.dmp

Filesize
4.0MB

Download
memory/2656-2-0x0000000003F00000-0x00000000047EB000-memory.dmp

Filesize
8.9MB

Download
memory/2656-3-0x0000000000400000-0x0000000000D1C000-memory.dmp

Filesize
9.1MB

Download