General
-
Target
2a35faa81137088e81afecb34ca35d46f255b04546bd09ff65172565f6e72a98
-
Size
4.1MB
-
Sample
240404-j92m9aag64
-
MD5
fed6da32999909662a85fd3cbcbaa273
-
SHA1
7181f25bb80ec541ecf6c89390a6d9877d3ea34c
-
SHA256
2a35faa81137088e81afecb34ca35d46f255b04546bd09ff65172565f6e72a98
-
SHA512
22b115507a8692ad770e1512bc6183a30f785fa1074f6a63130ee99c8bc44887e63b79aadf7b0f85917d80346f79d5cdab5e38a02c85400e10d917575b817394
-
SSDEEP
98304:bb04ffPf0CP8ZPL1zSHjK43IQhayZ0/ueXFA:n1PfdPwLNSHjKj0ZYueXm
Static task
static1
Behavioral task
behavioral1
Sample
2a35faa81137088e81afecb34ca35d46f255b04546bd09ff65172565f6e72a98.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)