General
-
Target
3dcce373d1f6fa8ff45d1f6f6c9335ec769ce24a50fb1d04ab20f81ed99b0000
-
Size
4.2MB
-
Sample
240419-rcqhqafb3w
-
MD5
89d4272e02b7a1bfa1c3548925f01017
-
SHA1
21ec3caa6e0fccc0af966abcb0469d794eaea7c4
-
SHA256
3dcce373d1f6fa8ff45d1f6f6c9335ec769ce24a50fb1d04ab20f81ed99b0000
-
SHA512
a5c6bf032b6ba18e2c4b2e55864fa3592dc984c7b1fda73ed6d98f5963b7ce4e854df18505df97d3ba2581cddf2f501e5718dcaaf5c6e1aca8d7c310b1de816d
-
SSDEEP
98304:Du15A1GiNRFuKfVvdEh8/k6ld6teGU//blllQO5EUt0+BFZRUpdVY+:DaARFuKJWhQkavn//blllQdNaFDGXJ
Static task
static1
Behavioral task
behavioral1
Sample
3dcce373d1f6fa8ff45d1f6f6c9335ec769ce24a50fb1d04ab20f81ed99b0000.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)