General
-
Target
0152ab83a637f125b6b55654b7a82b5add03d8f9e14bb335344b146ba8aec3e4
-
Size
4.2MB
-
Sample
240417-3j4jpsah3w
-
MD5
c74ad1ab7f39fb4532d26a4f74bde39b
-
SHA1
2c8211138a3576566f18d4a85e61280b95f5a0dc
-
SHA256
0152ab83a637f125b6b55654b7a82b5add03d8f9e14bb335344b146ba8aec3e4
-
SHA512
1a84f2ee6ff07821e4d841d0e3cb0916ea1b8cc0425df4143d09f3ffe94d94afe01ee5f1c56aca611ac89096b508a1d80fd9e70f1acb584b89314d8810d885ab
-
SSDEEP
98304:CkZ2HRjDxUqNRSWw/fdG0ya8lhbNKCN+OMuHRmn++CozeYuDi:zZ2x3CqNcHdGTLNp+F+8elDi
Static task
static1
Behavioral task
behavioral1
Sample
0152ab83a637f125b6b55654b7a82b5add03d8f9e14bb335344b146ba8aec3e4.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
0152ab83a637f125b6b55654b7a82b5add03d8f9e14bb335344b146ba8aec3e4
-
Size
4.2MB
-
MD5
c74ad1ab7f39fb4532d26a4f74bde39b
-
SHA1
2c8211138a3576566f18d4a85e61280b95f5a0dc
-
SHA256
0152ab83a637f125b6b55654b7a82b5add03d8f9e14bb335344b146ba8aec3e4
-
SHA512
1a84f2ee6ff07821e4d841d0e3cb0916ea1b8cc0425df4143d09f3ffe94d94afe01ee5f1c56aca611ac89096b508a1d80fd9e70f1acb584b89314d8810d885ab
-
SSDEEP
98304:CkZ2HRjDxUqNRSWw/fdG0ya8lhbNKCN+OMuHRmn++CozeYuDi:zZ2x3CqNcHdGTLNp+F+8elDi
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1