General
-
Target
78ae3588334a02452682c4ab359150a60a27f73af9d269b983e83ab7e3195f3c
-
Size
4.2MB
-
Sample
240419-bgdrqadb3y
-
MD5
a290eaa9ee82d57ee1c45e36778993a3
-
SHA1
65baa7b1c0ea703bca9f2ff2499f6fce9502cbac
-
SHA256
78ae3588334a02452682c4ab359150a60a27f73af9d269b983e83ab7e3195f3c
-
SHA512
b50c2fc49e601594ec129d8d299284e57ad8b6009037573fe39fdf5819ca844ef74ecc2ceadf85fd1d05e8e7eff052648ee9b9292d904b0455c12b24755207aa
-
SSDEEP
98304:KeU9Bh0ZpWG7460rhxj0FMVy+9LgCbGoD1OyJCOsGUxDW88A2xBQ0w:K9j0jWE+llaMVy+90CpOuCOqDWtA2xBs
Static task
static1
Behavioral task
behavioral1
Sample
78ae3588334a02452682c4ab359150a60a27f73af9d269b983e83ab7e3195f3c.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
78ae3588334a02452682c4ab359150a60a27f73af9d269b983e83ab7e3195f3c
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
  Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
  Windows Service (1)
Scheduled Task/Job (1)