glupteba | c0e45b39bf808cc4741933404772f7a2f90dfc453b17b5d30fc71f2f7373e7c8 | Triage

Submit
Reports

Overview

overview

Static

static

3

d055aa1d27...18.exe

windows7-x64

d055aa1d27...18.exe

windows10-2004-x64

Sharing

General

Target

d055aa1d2702cf0186ac8dc1c2aea170_JaffaCakes118
Size

5.0MB
Sample

240906-yjwfwavfpc
MD5

d055aa1d2702cf0186ac8dc1c2aea170
SHA1

01671d78a8ff90a9b34d162fb4ab04c6716a950c
SHA256

c0e45b39bf808cc4741933404772f7a2f90dfc453b17b5d30fc71f2f7373e7c8
SHA512

21399ead14206296f035177bc9e564099006dd526430b45c6226abf0c46d1c5fac363f4c0af7d1bd2eb968b8dae4eb68250971a5d99901ab6e12a8bfc53acabf
SSDEEP

98304:NnbMiCEK1vZpAWCfSdr1bZwbFizPkgFpM4xAIkSksjJ22OweySzHQrDzERAF:NnJ7K1vZmXf+rLwbobFptky92PDe3NF

Score

10^/10

glupteba discovery dropper evasion loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d055aa1d2702cf0186ac8dc1c2aea170_JaffaCakes118.exe

Resource

win7-20240708-en

glupteba dropper evasion loader

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

d055aa1d2702cf0186ac8dc1c2aea170_JaffaCakes118.exe

Resource

win10v2004-20240802-en

glupteba discovery dropper evasion loader

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  d055aa1d2702cf0186ac8dc1c2aea170_JaffaCakes118
- Size
  
  5.0MB
- MD5
  
  d055aa1d2702cf0186ac8dc1c2aea170
- SHA1
  
  01671d78a8ff90a9b34d162fb4ab04c6716a950c
- SHA256
  
  c0e45b39bf808cc4741933404772f7a2f90dfc453b17b5d30fc71f2f7373e7c8
- SHA512
  
  21399ead14206296f035177bc9e564099006dd526430b45c6226abf0c46d1c5fac363f4c0af7d1bd2eb968b8dae4eb68250971a5d99901ab6e12a8bfc53acabf
- SSDEEP
  
  98304:NnbMiCEK1vZpAWCfSdr1bZwbFizPkgFpM4xAIkSksjJ22OweySzHQrDzERAF:NnJ7K1vZmXf+rLwbobFptky92PDe3NF
Score

10^/10

glupteba dropper evasion loader discovery
- Glupteba
  Glupteba is a modular loader written in Golang with various components.
  loader dropper glupteba
- Glupteba payload
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gluptebadropperevasionloader

behavioral2

gluptebadiscoverydropperevasionloader

© 2018-2024

Terms | Privacy