Overview

overview

10

Static

static

1

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    04a08340acaf2c4b3e84bd0c0b3744399c8b5c8a881f58deb7b7733901890b83

  • Size

    4.1MB

  • Sample

    240517-285bvsgb6x

  • MD5

    1608f175aad995d6dae1c8c7651fd401

  • SHA1

    5cef3ae45bd388af6106ac791e46d296b4fd82ab

  • SHA256

    04a08340acaf2c4b3e84bd0c0b3744399c8b5c8a881f58deb7b7733901890b83

  • SHA512

    4729e08bd8ed68c04589f0a04b72c32386694b55c976d094f9107dbabb0a296f22ccd032f683b1f9c5287f8003099724d688eec7e8bef0b0f53b96a50a12848f

  • SSDEEP

    98304:kmJz+EAFuKpzA6GjnwtAd4VH0G8BBOAZM6KCBe84z:xh+Eouw86GbIivMwMVCB8z

Score
10/10
gluptebadropperevasionexecutionloaderupx

Malware Config

Targets

    • Target

      04a08340acaf2c4b3e84bd0c0b3744399c8b5c8a881f58deb7b7733901890b83

    • Size

      4.1MB

    • MD5

      1608f175aad995d6dae1c8c7651fd401

    • SHA1

      5cef3ae45bd388af6106ac791e46d296b4fd82ab

    • SHA256

      04a08340acaf2c4b3e84bd0c0b3744399c8b5c8a881f58deb7b7733901890b83

    • SHA512

      4729e08bd8ed68c04589f0a04b72c32386694b55c976d094f9107dbabb0a296f22ccd032f683b1f9c5287f8003099724d688eec7e8bef0b0f53b96a50a12848f

    • SSDEEP

      98304:kmJz+EAFuKpzA6GjnwtAd4VH0G8BBOAZM6KCBe84z:xh+Eouw86GbIivMwMVCB8z

    Score
    10/10
    gluptebadropperevasionexecutionloaderupx

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

      loaderdropperglupteba

    • Glupteba payload

    • Modifies Windows Firewall

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks