General
Target: 74065c830ad2a6c9cd7e12cd44b9fb867a86d7597f7c90834182b8673d7273a4
Size: 4.2MB
Sample: 240419-2njveshe28
MD5: 3b2988ba478816d8ce4c89af3fb479a5
SHA1: a2beef31125280751561e3af02f5567b9bb0fcab
SHA256: 74065c830ad2a6c9cd7e12cd44b9fb867a86d7597f7c90834182b8673d7273a4
SHA512: d777497edb9cc66e8a565e4f1f6d522f1601e09f6cdf2b47b4e0874d423ab95261accecfeaa01c8ba01f35606259128132cea043165a97328ac68734e836b719
SSDEEP: 98304:3/40EOOAEftLoGWLNDgTXMgGOTrFzBqlMJaGItfGH:PdVQtLoTZDg5GO9Bqlcf
Static task: static1
Behavioral task: behavioral1
Sample: 74065c830ad2a6c9cd7e12cd44b9fb867a86d7597f7c90834182b8673d7273a4.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1