General
Target: 7f83a8798bc0f70dd4dddda35386c197f4c430b5cd7ce314003d43e368025ee9
Size: 4.1MB
Sample: 240404-v2ez3ade9z
MD5: 3f5245d86aa3a3d285f19d1436fbe9e0
SHA1: d455c20025a1b6b4a5e676927541bba8e829b567
SHA256: 7f83a8798bc0f70dd4dddda35386c197f4c430b5cd7ce314003d43e368025ee9
SHA512: fb362af34e93b0dd897d5be5382df263c47dab5882e93b0e542ce716ca6957cbfd5479d5361c576b7d47eca93d718bf5f8b4eca0d711bde377ff3eeecfed57ca
SSDEEP: 98304:jH5J7CzszSbiwn7GrcYbqmT2oxXGbns7pL8WqJWTgfz:9MU4iw7Yx2bns7pLfTgfz
Static task: static1
Behavioral task: behavioral1
Sample: 7f83a8798bc0f70dd4dddda35386c197f4c430b5cd7ce314003d43e368025ee9.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Scheduled Task/Job (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Scheduled Task/Job (1)