General
-
Target
ccac891d3ea841c0dcb8f68661e5a817707e0904f5c029b06f65c583853e61d6
-
Size
4.2MB
-
Sample
240420-tm77macc93
-
MD5
eb721353d809351e330c06260d75c309
-
SHA1
08e781ca496eb99fcc85f4e2b2380ee9e5a058be
-
SHA256
ccac891d3ea841c0dcb8f68661e5a817707e0904f5c029b06f65c583853e61d6
-
SHA512
9a48b1530a473518fae71457d0b1f63d85e31242213ff484ce31e64ae92bebefca980720bee620c762feda07a5c9257342f7b498def8aa5dd14b1bafeff8a0c7
-
SSDEEP
49152:Ir1oHj0tlV0f9s8MWzX04BUpcYbKwdRAyQZQ93cNVdRbmMzimZc5ZnjMAqqwRi8L:IBcwtA9b44emOBqNRUORBLE4Ajz0
Static task
static1
Behavioral task
behavioral1
Sample
ccac891d3ea841c0dcb8f68661e5a817707e0904f5c029b06f65c583853e61d6.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
ccac891d3ea841c0dcb8f68661e5a817707e0904f5c029b06f65c583853e61d6
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
-
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
-
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1