Overview

overview

10

Static

static

1

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    737ebbb261e2ef22e4b23cfc572bbe444693b4467e773fc6f7777dd6f9a68fa0

  • Size

    4.1MB

  • Sample

    240517-lvf44scg98

  • MD5

    c36c383b7c637e9b5a636103876cff5e

  • SHA1

    3a5e514a6bb20d5627455b49114e44e4e5598e46

  • SHA256

    737ebbb261e2ef22e4b23cfc572bbe444693b4467e773fc6f7777dd6f9a68fa0

  • SHA512

    9389b741d6f6b964a7849d5c5393df993b7917a2cc8b19b45eb8c41eb4a2b286e89083711e6661f7dcb086a0ee733bf8fd8edee45615add00e80e05449a30dc0

  • SSDEEP

    98304:shY2qRRjR1paGoDMO/b2fpl9vUYBzPUd5cvaqxgKnFtiaG:yYlRLXY4O+pXvrLaqWucT

Score
10/10
gluptebadropperevasionexecutionloaderupx

Malware Config

Targets

    • Target

      737ebbb261e2ef22e4b23cfc572bbe444693b4467e773fc6f7777dd6f9a68fa0

    • Size

      4.1MB

    • MD5

      c36c383b7c637e9b5a636103876cff5e

    • SHA1

      3a5e514a6bb20d5627455b49114e44e4e5598e46

    • SHA256

      737ebbb261e2ef22e4b23cfc572bbe444693b4467e773fc6f7777dd6f9a68fa0

    • SHA512

      9389b741d6f6b964a7849d5c5393df993b7917a2cc8b19b45eb8c41eb4a2b286e89083711e6661f7dcb086a0ee733bf8fd8edee45615add00e80e05449a30dc0

    • SSDEEP

      98304:shY2qRRjR1paGoDMO/b2fpl9vUYBzPUd5cvaqxgKnFtiaG:yYlRLXY4O+pXvrLaqWucT

    Score
    10/10
    gluptebadropperevasionexecutionloaderupx

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

      loaderdropperglupteba

    • Glupteba payload

    • Modifies Windows Firewall

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks