General
-
Target
e45c74fce0369066e0918bf98bbb75af67642036dae661878f125afd98e67e2f
-
Size
4.2MB
-
Sample
240419-wm78qsbd58
-
MD5
b3dfe493bea72db1cf25c2ecf858f2f6
-
SHA1
4e38e39c15cf96bd1ed9d5a85ba09f35a1bc6219
-
SHA256
e45c74fce0369066e0918bf98bbb75af67642036dae661878f125afd98e67e2f
-
SHA512
271642301a276cfa2dd674f41468cf5254438665dc2dc1fdfdd0d43beb84cc7de803486e10431190b2009f2048467c284be5ed114d2c3519b679e909c02033d2
-
SSDEEP
98304:VBy5JAu+Hk0Et5Mgg8VWlfA2+5+VVv7Fm6fCi:OAu+ENnjVyYiVNw4D
Static task
static1
Behavioral task
behavioral1
Sample
e45c74fce0369066e0918bf98bbb75af67642036dae661878f125afd98e67e2f.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
e45c74fce0369066e0918bf98bbb75af67642036dae661878f125afd98e67e2f
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process (1)
  Windows Service (1)
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
  Windows Service (1)
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)