General
- Target: 2998eaad3c3529b60f0e3c21c26a844bd47ae089e2b6da5b485508605f7ce7bd
- Size: 4.1MB
- Sample: 231211-tg165acgg5
- MD5: bf4e5ca5734158d8935ebe4609246704
- SHA1: 2dbe97858c8f3874b96301bf2350b1443426390e
- SHA256: 2998eaad3c3529b60f0e3c21c26a844bd47ae089e2b6da5b485508605f7ce7bd
- SHA512: 27215da3730ae5add001df60ac71c73a500cd104fbdbdefb3cfc1d6366b9e2ac10992668511c3c601f916ec4d0f1e683064dae9344fec72fdbacdfc920bf3092
- SSDEEP: 98304:GFfV3GNFg4XGQkhTpLXQUx8kN+eS+Tvida3ZJUOkV9qvDZPyn5X:CajmdLXQY8SRTqapJUBPq7Z2
Static task: static1
Malware Config
Targets
- Target: 2998eaad3c3529b60f0e3c21c26a844bd47ae089e2b6da5b485508605f7ce7bd
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1