General
-
Target
02c83cc25125b11264c1b0e28694a0914e0b6ed7eaf36a8f550e7a81c0ab0605
-
Size
4.2MB
-
Sample
240419-rgn6fsec93
-
MD5
ddfbe9d3ae995263ffffc5db587027de
-
SHA1
04c58b00b758312816ac2447a431dceb1b89bf4f
-
SHA256
02c83cc25125b11264c1b0e28694a0914e0b6ed7eaf36a8f550e7a81c0ab0605
-
SHA512
5b3cc952c550b972fb9774d1c08b1cc1d919f40f11c900b5a82c569bd3b33f191266f162fdc348a6bb1339e7d57a53634e5b3a4bbadd35f8910439ff7e553865
-
SSDEEP
98304:Lu15A1GiNRFuKfVvdEh8/k6ld6teGU//blllQO5EUt0+BFZRUpdVYS:LaARFuKJWhQkavn//blllQdNaFDGXF
Static task
static1
Behavioral task
behavioral1
Sample
02c83cc25125b11264c1b0e28694a0914e0b6ed7eaf36a8f550e7a81c0ab0605.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
02c83cc25125b11264c1b0e28694a0914e0b6ed7eaf36a8f550e7a81c0ab0605
-
Size
4.2MB
-
MD5
ddfbe9d3ae995263ffffc5db587027de
-
SHA1
04c58b00b758312816ac2447a431dceb1b89bf4f
-
SHA256
02c83cc25125b11264c1b0e28694a0914e0b6ed7eaf36a8f550e7a81c0ab0605
-
SHA512
5b3cc952c550b972fb9774d1c08b1cc1d919f40f11c900b5a82c569bd3b33f191266f162fdc348a6bb1339e7d57a53634e5b3a4bbadd35f8910439ff7e553865
-
SSDEEP
98304:Lu15A1GiNRFuKfVvdEh8/k6ld6teGU//blllQO5EUt0+BFZRUpdVYS:LaARFuKJWhQkavn//blllQdNaFDGXF
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1