General
-
Target
fb7dcb6f17bc73e51dc9629e34163174f3931dbca95305d6bf18543f5cb9ec86
-
Size
4.2MB
-
Sample
240419-tbt6mahc4t
-
MD5
8465b6d948021b454f089ec9eb7f71fe
-
SHA1
1e230cfdb5a9f4101931f2e7cb9afc4ecc2646d5
-
SHA256
fb7dcb6f17bc73e51dc9629e34163174f3931dbca95305d6bf18543f5cb9ec86
-
SHA512
4b618090d857731541bf3ef828ab17ca6ae715e15fc4aceab7814c42d33a401a0070dea6e7d789447340031fe54a32cf3df51658020db26bab5c219f53306c9a
-
SSDEEP
98304:foZCtMNcIJm/Wi5iI7vKblq/qDx6472PxO1xv/KiJeN:f3OuIEug7vwUGt7S+nKD
Static task
static1
Behavioral task
behavioral1
Sample
fb7dcb6f17bc73e51dc9629e34163174f3931dbca95305d6bf18543f5cb9ec86.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)