General
Target: ebbc6c6272def9b34b29b8ba20880038ec974996966af66234006bd424a141cd
Size: 3.8MB
Sample: 220524-1enatacffq
MD5: aa736cff791c468d1447c54a8d0a9b1e
SHA1: 476f8c3d49fca9318befc3bce150d531dadf1646
SHA256: ebbc6c6272def9b34b29b8ba20880038ec974996966af66234006bd424a141cd
SHA512: 6da1ea981cebe0f354b3c6ac692bc89de6386021e547ad4994cf2951a03ace67c43ca52986c7190fb21ba4ce812eebdb0ade8d45d2f9fa08f503a9c4dc3b54e2
Static task: static1
Behavioral task: behavioral1
Sample: ebbc6c6272def9b34b29b8ba20880038ec974996966af66234006bd424a141cd.exe
Resource: win7-20220414-en
Malware Config
Targets
- Glupteba Payload
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Modifies boot configuration data using bcdedit
- Drops file in System32 directory