General
-
Target
a94af1f5ab6e456a4dce832b695490db119978739366ab74a3ce96e96cf29044
-
Size
4.2MB
-
Sample
240419-q5z27aea28
-
MD5
3e09d529565fa5ad21daeb6e35c44d42
-
SHA1
8e52d381759d64727723d6d4339051fc3e7e89a1
-
SHA256
a94af1f5ab6e456a4dce832b695490db119978739366ab74a3ce96e96cf29044
-
SHA512
394ad3b4566b74bbfa3d89c86de0ea7e02df98551fcb2568b9ee43a2a45c9e94109fcf48098c0bcdd0e2b25cd0cafc1c3bd26833452927e3a1c3cf26646935ca
-
SSDEEP
98304:Lu15A1GiNRFuKfVvdEh8/k6ld6teGU//blllQO5EUt0+BFZRUpdVYP:LaARFuKJWhQkavn//blllQdNaFDGX4
Static task
static1
Behavioral task
behavioral1
Sample
a94af1f5ab6e456a4dce832b695490db119978739366ab74a3ce96e96cf29044.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)