General
-
Target
e4c693370e3439c8ef7f928c3118446c51bb99d2852354afd7faa238192ac3e9
-
Size
4.1MB
-
Sample
231013-qacneabg93
-
MD5
8610f22b9ae7b613159f9980da7e315f
-
SHA1
de33ed7d4fc789bfa2879603587c6c35ad8e0b7f
-
SHA256
e4c693370e3439c8ef7f928c3118446c51bb99d2852354afd7faa238192ac3e9
-
SHA512
21a47ec87f57e9cd04777144ccbcad14b06faa8aee62aaccc750c72bb1671b1776ade2e70e8f67fc26c94dd50f3055168420349ba90713971b31390bd1979111
-
SSDEEP
98304:Hlhp/+MAY8LSBetbsJnYPJay0ram2uVyHV/vsKO4IVa8TY/jpHwr1:HlT/+M2+BeVsJYPms9vsd3Va8M/jp0
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)