glupteba | fb0cc8a7e692e8dd36e6fa359d71add62f54aeb5fc11523785f2d5d0f10ac207 | Triage

Submit
Reports

Overview

overview

Static

static

1

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

fb0cc8a7e692e8dd36e6fa359d71add62f54aeb5fc11523785f2d5d0f10ac207
Size

4.1MB
Sample

240517-ys8skage83
MD5

a7ddb03efd3e1dc3331b09367c87eeef
SHA1

0891eda0d60f2a27a7869de2dec2ebb992f01200
SHA256

fb0cc8a7e692e8dd36e6fa359d71add62f54aeb5fc11523785f2d5d0f10ac207
SHA512

ca218ab17044579ed3c513c138be2fbb8b65666432f8b7cfe9c05883b26472dae5e18ead8cb918730d376297050dd01d5932d8ee2ec80daeff2a5fd4cf51b0fc
SSDEEP

49152:dKSHQE6bCrQt9J2m6qYk0f+BzgqdGFArOOO8EeNSlBbqHPgo81vjAIlxiZQJwR:d1wCr5kG+hEArjFEeNSldQg15xmhR

Score

10^/10

glupteba dropper evasion execution loader upx

Static task

static1

Behavioral task

behavioral1

Sample

fb0cc8a7e692e8dd36e6fa359d71add62f54aeb5fc11523785f2d5d0f10ac207.exe

Resource

win10v2004-20240426-en

glupteba dropper evasion execution loader upx

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

fb0cc8a7e692e8dd36e6fa359d71add62f54aeb5fc11523785f2d5d0f10ac207.exe

Resource

win11-20240426-en

glupteba dropper evasion execution loader upx

windows11-21h2-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  fb0cc8a7e692e8dd36e6fa359d71add62f54aeb5fc11523785f2d5d0f10ac207
- Size
  
  4.1MB
- MD5
  
  a7ddb03efd3e1dc3331b09367c87eeef
- SHA1
  
  0891eda0d60f2a27a7869de2dec2ebb992f01200
- SHA256
  
  fb0cc8a7e692e8dd36e6fa359d71add62f54aeb5fc11523785f2d5d0f10ac207
- SHA512
  
  ca218ab17044579ed3c513c138be2fbb8b65666432f8b7cfe9c05883b26472dae5e18ead8cb918730d376297050dd01d5932d8ee2ec80daeff2a5fd4cf51b0fc
- SSDEEP
  
  49152:dKSHQE6bCrQt9J2m6qYk0f+BzgqdGFArOOO8EeNSlBbqHPgo81vjAIlxiZQJwR:d1wCr5kG+hEArjFEeNSldQg15xmhR
Score

10^/10

glupteba dropper evasion execution loader upx
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba payload
- Modifies Windows Firewall
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Scheduled Task/Job

Persistence

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gluptebadropperevasionexecutionloaderupx

behavioral2

gluptebadropperevasionexecutionloaderupx

© 2018-2025

Terms | Privacy