General
-
Target
2eeeb7f277838304a2a02b04ccc861d5bb0c7b2977d7aece244aaaca9aca530c
-
Size
4.2MB
-
Sample
240419-xvszfsdg31
-
MD5
9709aac66eb52e7354b6ac1ace25ddf1
-
SHA1
422cefdfc444f8e607986abef52c6fa4b4899b8d
-
SHA256
2eeeb7f277838304a2a02b04ccc861d5bb0c7b2977d7aece244aaaca9aca530c
-
SHA512
c4de7bf94e2002a58b56efd82df8f898095376e13ead79ea58776cd70c3988b8a59a3405c9946dec5db448e6ae720f99d4be2f0319a6e4e8c12621331fb7c395
-
SSDEEP
98304:xqrB5wn4OMCZOc7+DuxcvwRwKkZb9A25YIHnzSUGXdTRu1L6r:eBo4d4+DucuGBGNT0La
Static task
static1
Behavioral task
behavioral1
Sample
2eeeb7f277838304a2a02b04ccc861d5bb0c7b2977d7aece244aaaca9aca530c.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2eeeb7f277838304a2a02b04ccc861d5bb0c7b2977d7aece244aaaca9aca530c
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)