General
Target: 9136f7f477341bcc01ee37da37f81757c838f4aadfd503fdce580f30ae35be73
Size: 4.2MB
Sample: 240419-2m9pfsad2s
MD5: 440ab6c0baccb5e35e1dfb0582894bd8
SHA1: 4df5ce6c39ae9751e02b989d293af988ef283882
SHA256: 9136f7f477341bcc01ee37da37f81757c838f4aadfd503fdce580f30ae35be73
SHA512: ed27269a8e47783ff9f79258bb9177a054f3ba33f751017752abf50a5ac1864aea221406f12788b2a7de8ac18d25df5a096d9f79b61968f8ccd92e8a24f23e75
SSDEEP: 98304:f/40EOOAEftLoGWLNDgTXMgGOTrFzBqlMJaGItfGC:XdVQtLoTZDg5GO9Bqlca
Static task: static1
Behavioral task: behavioral1
Sample: 9136f7f477341bcc01ee37da37f81757c838f4aadfd503fdce580f30ae35be73.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)