General
-
Target
99e29c8a9edaba5f4b8eaf36e8c453596255100fdea06ea2c9f889197e2e52c1
-
Size
4.2MB
-
Sample
240418-etvgsaaf66
-
MD5
a109edba528eb2b70329eab8c2b56470
-
SHA1
4c56da25c85b08dcf4a7489c2ec58de4409e1de9
-
SHA256
99e29c8a9edaba5f4b8eaf36e8c453596255100fdea06ea2c9f889197e2e52c1
-
SHA512
f65a16bfa8d6e58c555e08c5a6ad939d4461e6a963b01100c196658d85dff43e107d67dac1b748fce496db63ea2a451dc5d243deeaa2580a3d0f3384d3fbe929
-
SSDEEP
98304:IT1SD+NjNicufM6G6X/c15iBJGRJ32bm3jabJCAFawk6ewJALv1rR:01pZicuZdXO5iBYRJmbmmbJCLwkQKLdR
Static task
static1
Behavioral task
behavioral1
Sample
99e29c8a9edaba5f4b8eaf36e8c453596255100fdea06ea2c9f889197e2e52c1.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
99e29c8a9edaba5f4b8eaf36e8c453596255100fdea06ea2c9f889197e2e52c1
-
Size
4.2MB
-
MD5
a109edba528eb2b70329eab8c2b56470
-
SHA1
4c56da25c85b08dcf4a7489c2ec58de4409e1de9
-
SHA256
99e29c8a9edaba5f4b8eaf36e8c453596255100fdea06ea2c9f889197e2e52c1
-
SHA512
f65a16bfa8d6e58c555e08c5a6ad939d4461e6a963b01100c196658d85dff43e107d67dac1b748fce496db63ea2a451dc5d243deeaa2580a3d0f3384d3fbe929
-
SSDEEP
98304:IT1SD+NjNicufM6G6X/c15iBJGRJ32bm3jabJCAFawk6ewJALv1rR:01pZicuZdXO5iBYRJmbmmbJCLwkQKLdR
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1