General
- Target: 2766ccfbcebcc8d898eac7116978734be31ed78c52b106f49f85bdb06cda42dd
- Size: 4.2MB
- Sample: 240417-yvmm4sch96
- MD5: 281c06d82e96489cadef535194a9752f
- SHA1: 4fadc4ab47ce8804c2e477514f9e4a66e87acf1a
- SHA256: 2766ccfbcebcc8d898eac7116978734be31ed78c52b106f49f85bdb06cda42dd
- SHA512: bfbef84b8aa549bd0f1ad17086f97aae85dc6d3f721ce93671b9c3ff273976c8a8d27ae97c4c60ffc82f4721b5cd5e44edb27433b54d3ef6a75463c84bf89ee3
- SSDEEP: 98304:ZU4Iq03aI5N3yqqHwBEspKQ2DvCGo03KUue+Tc:rIh7By/QBEsp+2hnfc
Static task: static1
Behavioral task: behavioral1
Sample: 2766ccfbcebcc8d898eac7116978734be31ed78c52b106f49f85bdb06cda42dd.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
- Windows Service (1)
- Scheduled Task/Job (1)
Privilege Escalation
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
- Windows Service (1)
- Scheduled Task/Job (1)