General
Target: eaec7150346aaaa215dfaf6ec5c3b5a7d7c8b864d7317314799b10f278fe7822
Size: 4.2MB
Sample: 240419-bfqd5aca56
MD5: 0e6dd2aa421787b33cc2abf92b324ed6
SHA1: 704b3d61ac7c7e131209f18ce76778ca5a2750c2
SHA256: eaec7150346aaaa215dfaf6ec5c3b5a7d7c8b864d7317314799b10f278fe7822
SHA512: 2e767ebdadf56ebb46e7a446ae0e1a98f64765847161fb27f7dc4f675bee4160963c87252f2d137b37b126a8962935c785f930cc253170463219ef739a11811b
SSDEEP: 98304:ieU9Bh0ZpWG7460rhxj0FMVy+9LgCbGoD1OyJCOsGUxDW88A2xBQ0M:C9j0jWE+llaMVy+90CpOuCOqDWtA2xBI
Static task: static1
Behavioral task: behavioral1
  Sample: eaec7150346aaaa215dfaf6ec5c3b5a7d7c8b864d7317314799b10f278fe7822.exe
  Resource: win10v2004-20240412-en
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 1
  Registry Run Keys / Startup Folder: 1
  Create or Modify System Process: 1
  Windows Service: 1
  Scheduled Task/Job: 1
Privilege Escalation
  Boot or Logon Autostart Execution: 1
  Registry Run Keys / Startup Folder: 1
  Create or Modify System Process: 1
  Windows Service: 1
  Scheduled Task/Job: 1