General
Target: 7f6d87353b1d9ac4016e2444aa357427a925e7f9e1bbe132cb660dc8b0cd6584
Size: 4.2MB
Sample: 240419-hyxdqabe89
MD5: d6520de37e80f190a8bed34b9e454dc1
SHA1: 2f1ad988b14d26102d5fe00093d27bde413af063
SHA256: 7f6d87353b1d9ac4016e2444aa357427a925e7f9e1bbe132cb660dc8b0cd6584
SHA512: 686314c2e5971bb910177edc2bf8714d5ea3bfc5329889cbd8b8422083ac0be8fcee1d2469f606fcb191ea54dbba06bbe5a7a0516ebd92709e01e5612082f7a7
SSDEEP: 98304:PNkDk7Y2e9fhWY+LbgLFpBVAayCN/CB0J4dlv7S/k29jp/47:Wk7LeNhW/+FpBVAa19Ce4dlv7wZ47
Static task: static1
Behavioral task: behavioral1
Sample: 7f6d87353b1d9ac4016e2444aa357427a925e7f9e1bbe132cb660dc8b0cd6584.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Scheduled Task/Job (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Scheduled Task/Job (1)