General
-
Target
00a1efdf5deb8e46ad474ced90827657b3d3f1459c60a7ed1415ff33b9c2d98f
-
Size
4.2MB
-
Sample
240419-hxwqsscd7w
-
MD5
6fd325a1b108e0767437d7a7f77dc210
-
SHA1
d3a6613bdc4a973ac6907e2ffb40561c6e5e7a66
-
SHA256
00a1efdf5deb8e46ad474ced90827657b3d3f1459c60a7ed1415ff33b9c2d98f
-
SHA512
5b21f7fe79e706e7419cd8005ffbcaf0a1bc47cb3e1d53d2846daccbc215094b63a863e6a1648bb0e6f4715c40921b8d4bddcfaf8850ce5dbe14fc8b4d7245d9
-
SSDEEP
98304:3NkDk7Y2e9fhWY+LbgLFpBVAayCN/CB0J4dlv7S/k29jp/4Y:ek7LeNhW/+FpBVAa19Ce4dlv7wZ4Y
Static task
static1
Behavioral task
behavioral1
Sample
00a1efdf5deb8e46ad474ced90827657b3d3f1459c60a7ed1415ff33b9c2d98f.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
00a1efdf5deb8e46ad474ced90827657b3d3f1459c60a7ed1415ff33b9c2d98f
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1