General
Target: ec4bf36843e75db46bf446341b9b628cf5b92d64908602994c0388a509afca3a
Size: 4.2MB
Sample: 240411-et3s6aca57
MD5: 74b10c71fe17b2a762fb9e0a6aec356c
SHA1: 7d89ac68392ab3ce93902ba2397ea5e18ce78550
SHA256: ec4bf36843e75db46bf446341b9b628cf5b92d64908602994c0388a509afca3a
SHA512: cfb66059db590fb608b9f607dd1bf54d54e1c031d6cc541d6040ea507f7d6d8a24cc528678c850edade16562a4146f14368e73baa85364fbb147724dca2fd129
SSDEEP: 98304:I5lPBaWBrbylaZCxbWq17tgxAPYITosQNEMg2S6aC8AEQ:WjBrYYebWqlbosQ6t6aC1V
Static task: static1
Behavioral task: behavioral1
Sample: ec4bf36843e75db46bf446341b9b628cf5b92d64908602994c0388a509afca3a.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder
Create or Modify System Process
Windows Service
Scheduled Task/Job
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder
Create or Modify System Process
Windows Service
Scheduled Task/Job