Glupteba: The Blockchain-Enabled Modular Malware

GluptebaBlockchain

Glupteba is a complex and advanced form of malware that has been affecting Windows devices globally since 2019. It utilizes blockchain technology and has multiple modules that can be used for various malicious activities,

Indicators of Compromise

trumops.comSOCRadar2023-02-01

getfixed.xyzSOCRadar2023-02-01

limeprime.orgSOCRadar2023-02-01

mordo.ruSOCRadar2023-02-01

leappoach.infoSOCRadar2023-02-01

7owe32rodnp3vnx2ekqncoegxolkmb3m2fex5zu6i2bg7ktivhwvczqd.onionSOCRadar2023-02-01

all-smart-green.comSOCRadar2023-02-01

cdneurops.shopSOCRadar2023-02-01

tyturu.comSOCRadar2023-02-01

nahbleiben.atSOCRadar2023-02-01

checkpos.netSOCRadar2023-02-01

duniadekho.barSOCRadar2023-02-01

www.sxhxrj.comSOCRadar2023-02-01

spaldingcompanies.comSOCRadar2023-02-01

herscan.ioSOCRadar2023-02-01

anuanage.infoSOCRadar2023-02-01

dg2sz7pxs7llf2t25fsbutlvvrjij4pmojugn75cmxnvoshmju6dzcad.onionSOCRadar2023-02-01

nameiusr.comSOCRadar2023-02-01

getyourgift.lifeSOCRadar2023-02-01

dll1.stdcdn.comSOCRadar2023-02-01

privacy-tools-for-you-791.comSOCRadar2023-02-01

egsagl.comSOCRadar2023-02-01

cdneurops.buzzSOCRadar2023-02-01

gc-distribution.bizSOCRadar2023-02-01

i.xyzgamei.comSOCRadar2023-02-01

reosio.comSOCRadar2023-02-01

newcc.comSOCRadar2023-02-01

papmcl4r32awafck75y5446n252qqqq4h6c4y2slaayposrtfbcebdqd.onionSOCRadar2023-02-01

source3.boys4dayz.comSOCRadar2023-02-01

sxx.leappoach.infoSOCRadar2023-02-01

zaoshanghaoz.netSOCRadar2023-02-01

cdneurops.healthSOCRadar2023-02-01

retoti.comSOCRadar2023-02-01

real-enter-solutions.xyzSOCRadar2023-02-01

revouninstaller.homesSOCRadar2023-02-01

younghil.comSOCRadar2023-02-01

bestony.infoSOCRadar2023-02-01

x4l2doee6uhhf3lqjvjodgqtxsjvwbkdqyldhwyhwkhf4y23aqq7jayd.onionSOCRadar2023-02-01

topexpertshop.comSOCRadar2023-02-01

ads-memory.bizSOCRadar2023-02-01

piratia-life.ruSOCRadar2023-02-01

limeprime.comSOCRadar2023-02-01

godespra.comSOCRadar2023-02-01

noblecreativeaz.comSOCRadar2023-02-01

mastiakele.xyzSOCRadar2023-02-01

mydomelem.comSOCRadar2023-02-01

enter-me.xyzSOCRadar2023-02-01

yturu.comSOCRadar2023-02-01

greenphoenix.xyzSOCRadar2023-02-01

ciskotik.comSOCRadar2023-02-01

onlinehueplet.comSOCRadar2023-02-01

maesvpovrwqfaqjw44bbeb2w62h6n7eyosbeit7rfrrdbyjymqaxfryd.onionSOCRadar2023-02-01

am1420wbec.comSOCRadar2023-02-01

routers.ripSOCRadar2023-02-01

zaoshang.oooSOCRadar2023-02-01

ginta.linkSOCRadar2023-02-01

host-data-coin-11.comSOCRadar2023-02-01

signaturebusinesspark.comSOCRadar2023-02-01

flexnetinformatica.com.brSOCRadar2023-02-01

cdneurops.picsSOCRadar2023-02-01

azilominehostz.xyzSOCRadar2023-02-01

fennsports.comSOCRadar2023-02-01

dafflash.comSOCRadar2023-02-01

yeug3c6mnwocixwlotka4nwo3fjtfic65o4psmpxvrdul5q7dgjmsvad.onionSOCRadar2023-02-01

zaoshang.moscowSOCRadar2023-02-01

filimaik.comSOCRadar2023-02-01

r5vg4h5rlwmo6oa3p3vlckuvf5na2wb2tnqbsbkivhrhlyze6czlpjad.onionSOCRadar2023-02-01

presstheme.meSOCRadar2023-02-01

v.xyzgamev.comSOCRadar2023-02-01

cdneurop.cloudSOCRadar2023-02-01

3ebu257qh2dlauxqj7cgv3i55e4orb55mwgqf4tq7eicsa3dfhr4aaid.onionSOCRadar2023-02-01

tmetres.comSOCRadar2023-02-01

mastiakele.icuSOCRadar2023-02-01

file-coin-host-12.comSOCRadar2023-02-01

toa.mygametoa.comSOCRadar2023-02-01

iceanedy.comSOCRadar2023-02-01

nisdably.comSOCRadar2023-02-01

connectini.netSOCRadar2023-02-01

evocterm.comSOCRadar2023-02-01

tg8.cllgxx.comSOCRadar2023-02-01

islamic-city.comSOCRadar2023-02-01

careerguide4u.onlineSOCRadar2023-02-01

motinkon.coSOCRadar2023-02-01

bihgkrr546ctjdn4mwr7x4bhvwz55sftx6xir6cwlfo6rhppd2eu7syd.onionSOCRadar2023-02-01

buy-fantasy-fo0tball.com.sgSOCRadar2023-02-01

mastiakele.cyouSOCRadar2023-02-01

stylesheet.faseaegasdfase.comSOCRadar2023-02-01

hhiuew33.comSOCRadar2023-02-01

one-wedding-film.comSOCRadar2023-02-01

runmodes.comSOCRadar2023-02-01

patchlinks.comSOCRadar2023-02-01

c43tnmrkzfmkjyd3j4v6xbyrd67q6pskzy67dwkzj36uoqwpoju2loyd.onionSOCRadar2023-02-01

privacy-tools-for-you-782.comSOCRadar2023-02-01

2pkktxkf3gnpcjh2bhi62arz2ieyjgxocb3jne3kc2nu2yvyxqq23nad.onionSOCRadar2023-02-01

strtz.siteSOCRadar2023-02-01

eurekabike.comSOCRadar2023-02-01

all-mobile-pa1ments.com.mxSOCRadar2023-02-01

zaoshanghao.suSOCRadar2023-02-01

buy-fantasy-gmes.com.sgSOCRadar2023-02-01

dollybuster.atSOCRadar2023-02-01

appwebstat.bizSOCRadar2023-02-01

banhamm.comSOCRadar2023-02-01

topniemannpicksh0p.ccSOCRadar2023-02-01

zaoshang.ruSOCRadar2023-02-01

cdntokiog.studioSOCRadar2023-02-01

reoseio.comSOCRadar2023-02-01

whsddzs.comSOCRadar2023-02-01

jackytpload.suSOCRadar2023-02-01

remik-franchise.ruSOCRadar2023-02-01

Campaign Guidance

Remediation, mitigation, notes, history and related intelligence

The following steps can be taken to remediate a Glupteba infection:

Isolate the infected device: Disconnect the infected device from the internet and any other networks to prevent the malware from spreading.

Run a malware scan: Use a reputable antivirus or anti-malware software to scan the infected device for Glupteba and other forms of malware.

Remove the malware: Follow the instructions provided by the antivirus or anti-malware software to remove the Glupteba malware from the infected device.

Update software: Make sure to update the operating system and any installed software to the latest version to address vulnerabilities that may have been exploited by the malware.

Change passwords: If the infected device contained sensitive information, such as login credentials or financial information, change the passwords for any relevant accounts as a precaution.

Monitor for further infection: Continue to monitor the infected device for any signs of further infection, and take additional steps as needed to remove any additional malware that may have been installed.

Implement best practices: To reduce the risk of future infections, implement best practices such as using reputable security software, practicing safe browsing habits, enabling firewalls, and using strong and unique passwords.

Reports & References2

[object Object][object Object]

Observed Countries250

AD (792)

AE (683)

AF (916)

AG (957)

AI (469)

AL (121)

AM (299)

AO (256)

AQ (743)

AR (594)

AS (434)

AT (717)

AU (558)

AW (184)

AX (655)

AZ (403)

BA (469)

BB (607)

BD (685)

BE (745)

BF (903)

BG (547)

BH (991)

BI (237)

BJ (380)

BL (148)

BM (400)

BN (481)

BO (604)

BQ (672)

BR (471)

BS (372)

BT (400)

BV (648)

BW (585)

BY (596)

BZ (332)

CA (79)

CC (922)

CD (202)

CF (531)

CG (865)

CH (957)

CI (755)

CK (704)

CL (340)

CM (932)

CN (92)

CO (363)

CR (386)

CU (237)

CV (473)

CW (501)

CX (834)

CY (176)

CZ (922)

DE (475)

DJ (510)

DK (376)

DM (472)

DO (546)

DZ (386)

EC (183)

EE (383)

EG (254)

EH (563)

ER (585)

ES (657)

ET (491)

FI (565)

FJ (377)

FK (139)

FM (228)

FO (194)

FR (105)

GA (365)

GB (918)

GD (435)

GE (876)

GF (219)

GG (800)

GH (458)

GI (957)

GL (255)

GM (328)

GN (193)

GP (982)

GQ (799)

GR (135)

GS (999)

GT (999)

GU (103)

GW (572)

GY (459)

HK (463)

HM (69)

HN (846)

HR (362)

HT (193)

HU (119)

ID (734)

IE (626)

IL (752)

IM (292)

IN (55)

IO (471)

IQ (264)

IR (244)

IS (345)

IT (79)

JE (809)

JM (295)

JO (771)

JP (985)

KE (864)

KG (146)

KH (321)

KI (56)

KM (312)

KN (748)

KP (945)

KR (382)

KW (149)

KY (657)

KZ (60)

LA (846)

LB (51)

LC (651)

LI (62)

LK (86)

LR (699)

LS (765)

LT (509)

LU (227)

LV (286)

LY (157)

MA (937)

MC (224)

MD (26)

ME (814)

MF (855)

MG (285)

MH (971)

MK (87)

ML (450)

MM (683)

MN (598)

MO (117)

MP (40)

MQ (810)

MR (354)

MS (541)

MT (883)

MU (323)

MV (701)

MW (508)

MX (162)

MY (294)

MZ (365)

NA (927)

NC (338)

NE (723)

NF (203)

NG (815)

NI (199)

NL (146)

NO (253)

NP (303)

NR (577)

NU (610)

NZ (139)

OM (898)

PA (827)

PE (749)

PF (126)

PG (954)

PH (578)

PK (607)

PL (217)

PM (699)

PN (833)

PR (662)

PS (445)

PT (337)

PW (706)

PY (580)

QA (456)

RE (756)

RO (911)

RS (368)

RU (162)

RW (845)

SA (16)

SB (793)

SC (749)

SD (821)

SE (765)

SG (665)

SH (639)

SI (250)

SJ (947)

SK (120)

SL (347)

SM (398)

SN (138)

SO (272)

SR (237)

SS (881)

ST (718)

SV (247)

SX (252)

SY (575)

SZ (586)

TC (199)

TD (92)

TF (655)

TG (31)

TH (105)

TJ (47)

TK (286)

TL (423)

TM (908)

TN (906)

TO (896)

TR (485)

TT (433)

TV (173)

TW (606)

TZ (881)

UA (135)

UG (736)

UM (911)

US (864)

UY (797)

UZ (329)

VA (95)

VC (859)

VE (979)

VG (635)

VI (130)

VN (157)

VU (411)

WF (392)

WS (476)

XK (507)

YE (665)

YT (45)

ZA (513)

ZM (280)

ZW (553)