Gelsemine

Description

(ESET) Gelsemium’s first stage is a large dropper written in C++ using the Microsoft Foundation Class library (MFC). This stage contains multiple further stages’ binaries. Dropper sizes range from about 400 kB to 700 kB, which is unusual and would be even larger if the eight embedded executables were not compressed. The developers use the zlib library, statically linked, to greatly reduce the overall size.

Names

Name: Gelsemine

Category: Malware

Type

  • Dropper

Information

Mitre Attack

Other Information

Uuid: 779f6a01-4381-472a-9ac3-4e3ec8270d75

Last Card Change: 2022-12-30