General
-
Target
24ce1558c06ac29acaca9b8294ec91f231f05834aafe6139e195b0f65c2a91f1
-
Size
4.2MB
-
Sample
240419-rel83sec49
-
MD5
db2f86f571ecd23acdff760266048eb2
-
SHA1
20d81819908f0e38b41c8070fd2b301e4524420c
-
SHA256
24ce1558c06ac29acaca9b8294ec91f231f05834aafe6139e195b0f65c2a91f1
-
SHA512
0b55c35492c38a7815aa805c5e660f67fc085681f6068a2449a0d005171a9db60c29af08d71f209bdea5765919be2ea826c5d38edcc02104d6aebd05e2f78ee5
-
SSDEEP
98304:zu15A1GiNRFuKfVvdEh8/k6ld6teGU//blllQO5EUt0+BFZRUpdVYd:zaARFuKJWhQkavn//blllQdNaFDGXu
Static task
static1
Behavioral task
behavioral1
Sample
24ce1558c06ac29acaca9b8294ec91f231f05834aafe6139e195b0f65c2a91f1.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)