General
-
Target
fdd9d005bfa848e7377bf7434b9ad693f686ddc7eabf5fa389a80bd56ba88d42
-
Size
4.2MB
-
Sample
240419-bklazacc25
-
MD5
507b556441b8b98feab9a779bfe42896
-
SHA1
c34cdf570279b8299ac8b96f481e0651136c7660
-
SHA256
fdd9d005bfa848e7377bf7434b9ad693f686ddc7eabf5fa389a80bd56ba88d42
-
SHA512
fbf1020191376dd6d7b5e7feb44b93e02ac0f60d9c69f53722b42b825c7706aef3b97a166c2ee0f452e05631062fd1a472b42aa71d9b0d8506a26cfbc2ace099
-
SSDEEP
98304:ieU9Bh0ZpWG7460rhxj0FMVy+9LgCbGoD1OyJCOsGUxDW88A2xBQ0l:C9j0jWE+llaMVy+90CpOuCOqDWtA2xBJ
Static task
static1
Behavioral task
behavioral1
Sample
fdd9d005bfa848e7377bf7434b9ad693f686ddc7eabf5fa389a80bd56ba88d42.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)