General
-
Target
f6f7dd8954f65c81374749419c32f12b3a3d92a873405d550550423a1d3aa473
-
Size
4.1MB
-
Sample
231013-qa2brshh6y
-
MD5
9d0e5c1469e0f5c8b3e17512d5215a39
-
SHA1
503cfb1b741dd2e6ba9719c5acbd1873bd99a191
-
SHA256
f6f7dd8954f65c81374749419c32f12b3a3d92a873405d550550423a1d3aa473
-
SHA512
a09d02c70cfc963168dabfeec4443d8e32f3b32f966df1b01e4a24e8ec8845b09f4b25921ec9340292b4e1c28e5226a7c276933ab02869c8c14b5b911c767be0
-
SSDEEP
98304:Hlhp/+MAY8LSBetbsJnYPJay0ram2uVyHV/vsKO4IVa8TY/jpHwr/:HlT/+M2+BeVsJYPms9vsd3Va8M/jpG
Static task
static1
Malware Config
Targets
-
Target
f6f7dd8954f65c81374749419c32f12b3a3d92a873405d550550423a1d3aa473
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1