General
-
Target
c30080d020ae6620f35bac611c60817f86d916e2b80a25c6424a7c6aa45ee8e9
-
Size
4.2MB
-
Sample
240420-z92w1sac89
-
MD5
dc0178dfe58b64195e858fcece746d52
-
SHA1
06272a23ea6c944d76b2a5742680822d40da06a3
-
SHA256
c30080d020ae6620f35bac611c60817f86d916e2b80a25c6424a7c6aa45ee8e9
-
SHA512
72c2718e81961419c65a2ff813621b48738f1dbfbeddb6818f9e88d4f3d31cf1e933a416626cc91941e09d961663db1321aacb5b2ccbd4e5a141a8b6b01d5219
-
SSDEEP
98304:SB6TE4JDSTIitXqfSjBwF+v4rSSNjcdSqGUwT7RQU7Or:PTFmTI8qKjKFA4r+dAh7RQUu
Static task
static1
Behavioral task
behavioral1
Sample
c30080d020ae6620f35bac611c60817f86d916e2b80a25c6424a7c6aa45ee8e9.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
c30080d020ae6620f35bac611c60817f86d916e2b80a25c6424a7c6aa45ee8e9
-
Size
4.2MB
-
MD5
dc0178dfe58b64195e858fcece746d52
-
SHA1
06272a23ea6c944d76b2a5742680822d40da06a3
-
SHA256
c30080d020ae6620f35bac611c60817f86d916e2b80a25c6424a7c6aa45ee8e9
-
SHA512
72c2718e81961419c65a2ff813621b48738f1dbfbeddb6818f9e88d4f3d31cf1e933a416626cc91941e09d961663db1321aacb5b2ccbd4e5a141a8b6b01d5219
-
SSDEEP
98304:SB6TE4JDSTIitXqfSjBwF+v4rSSNjcdSqGUwT7RQU7Or:PTFmTI8qKjKFA4r+dAh7RQUu
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1