Overview

overview

10

Static

static

1

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    504b3f2e3747da0d4649bb03f1e1cfa74e1fc35d40c67b5fc602f9a77bae2aa0

  • Size

    4.1MB

  • Sample

    240518-1ngjmahh43

  • MD5

    ad92e0df2eddb685d70cd83689ddf27f

  • SHA1

    7346fa89928b0b26ee96fbdbc137f205af588961

  • SHA256

    504b3f2e3747da0d4649bb03f1e1cfa74e1fc35d40c67b5fc602f9a77bae2aa0

  • SHA512

    ccf560596ecce815eaf9b1779102c10152dbf9e5788f3497b7e51ebff91bfeb1476f3935364d45525730b646bacafe89d3f8ece9d23bea8cd788bbe0ee95bf5e

  • SSDEEP

    98304:BsVQ+hudF4keJeyEqK0evsENr9r54Wa5Cc1nHXivv:Bs5hioeyE6OsERj43nc

Score
10/10
gluptebadropperevasionexecutionloaderupx

Malware Config

Targets

    • Target

      504b3f2e3747da0d4649bb03f1e1cfa74e1fc35d40c67b5fc602f9a77bae2aa0

    • Size

      4.1MB

    • MD5

      ad92e0df2eddb685d70cd83689ddf27f

    • SHA1

      7346fa89928b0b26ee96fbdbc137f205af588961

    • SHA256

      504b3f2e3747da0d4649bb03f1e1cfa74e1fc35d40c67b5fc602f9a77bae2aa0

    • SHA512

      ccf560596ecce815eaf9b1779102c10152dbf9e5788f3497b7e51ebff91bfeb1476f3935364d45525730b646bacafe89d3f8ece9d23bea8cd788bbe0ee95bf5e

    • SSDEEP

      98304:BsVQ+hudF4keJeyEqK0evsENr9r54Wa5Cc1nHXivv:Bs5hioeyE6OsERj43nc

    Score
    10/10
    gluptebadropperevasionexecutionloaderupx

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

      loaderdropperglupteba

    • Glupteba payload

    • Modifies Windows Firewall

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks