General
-
Target
dbc9626accf372487454b8e436f2f4fd448c6f81e7a22411c7712c9c46ad4976
-
Size
4.2MB
-
Sample
240417-ssmbnsdg79
-
MD5
3aac9be9b6bea33ea55e27d4dbd955f3
-
SHA1
796aeecd2008a1784978f414298d4057b03ceb46
-
SHA256
dbc9626accf372487454b8e436f2f4fd448c6f81e7a22411c7712c9c46ad4976
-
SHA512
3232d210d19d59afa2b7d10f5a8572fda20251e858baf1b9b9d504ca6d5c2094172b208646bd92a5a310a0be7a00209a3e978eee5f4cd35154aac71a7825ad9d
-
SSDEEP
98304:cwoxqRNHtYTbrnnqfLVkrWMdzx639PKF8Qxe:nXR9tYTb7qxEbNx6NSxe
Static task
static1
Behavioral task
behavioral1
Sample
dbc9626accf372487454b8e436f2f4fd448c6f81e7a22411c7712c9c46ad4976.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)