General
-
Target
89ac840eb305d4fd36ea00992024b26d56adcb5ad9eac76bac3e81754976a987
-
Size
4.2MB
-
Sample
240419-aqlm9acb7z
-
MD5
d3e05e1450bf71cb820a9d373ba1fdeb
-
SHA1
e29f53643e28c185b46d2579f40fd2d77e884dd4
-
SHA256
89ac840eb305d4fd36ea00992024b26d56adcb5ad9eac76bac3e81754976a987
-
SHA512
4308ed36695977e0e99ac75ce1c05a9a66514c0c782a6c024866bad62c4d09e513f0e085b17b15ebbff73d97b859bcf3ffb128c1c915906b6d1628f6ec8a0e33
-
SSDEEP
98304:+bvDuo/zvoC5HERRwr8YNEXJ0TS4JBXxT3BRfe7gLCxccCwfp3PGPzDBAeGjYAv:+nBoCproYNEXJ0O+Xpe7jrRPGnBARjfv
Static task
static1
Behavioral task
behavioral1
Sample
89ac840eb305d4fd36ea00992024b26d56adcb5ad9eac76bac3e81754976a987.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1