General
-
Target
50f85397247245fc15b94dc2a293897f39c363b182bcf5fc3abda42204c27cf3
-
Size
4.2MB
-
Sample
240419-l7a4mafg2w
-
MD5
257695817883a01b385b0711cdd92a7f
-
SHA1
ea7ab15b48a50471d1aa4fe01224c1a92fc5d13d
-
SHA256
50f85397247245fc15b94dc2a293897f39c363b182bcf5fc3abda42204c27cf3
-
SHA512
2806beb26c3a506033da45c5226ff3ef883a2f07aac90c4a0f637490d2a9ed1f44cf6803d918b3006630a270ed2f2438ed9127e80d730dc91fc69c1ff8b99e73
-
SSDEEP
98304:BkCzxGX67jziInOwT+p9cyq2eBMnsC4wev2TDFlm5IHuXjE:jAXIiaT+p9uBMsCfecmJY
Static task
static1
Behavioral task
behavioral1
Sample
50f85397247245fc15b94dc2a293897f39c363b182bcf5fc3abda42204c27cf3.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
50f85397247245fc15b94dc2a293897f39c363b182bcf5fc3abda42204c27cf3
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Scheduled Task/Job (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
  Scheduled Task/Job (1)