General
-
Target
f74e33b37b3805de31a8aa5a0c939b28298662a615c1cd17c716392c765a2c3a
-
Size
4.2MB
-
Sample
240419-hwf9qacd5t
-
MD5
b5960c449d2886383259deae0aabfb1c
-
SHA1
e31226976fe1d56242b2fc8a3f54aa47e2a6ffef
-
SHA256
f74e33b37b3805de31a8aa5a0c939b28298662a615c1cd17c716392c765a2c3a
-
SHA512
3fce216adbdb322bc0ebdf7a56bde6cb6350e4340fd1bcbbd4d109283cc65b89278e13c8fce6775a76cc5c2c581cb3e941745a186bc58a56acd8c48055f79401
-
SSDEEP
98304:HNkDk7Y2e9fhWY+LbgLFpBVAayCN/CB0J4dlv7S/k29jp/4L:Ok7LeNhW/+FpBVAa19Ce4dlv7wZ4L
Static task
static1
Behavioral task
behavioral1
Sample
f74e33b37b3805de31a8aa5a0c939b28298662a615c1cd17c716392c765a2c3a.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)