General
-
Target
ad885271575bba94a9f6296eb82b086145c00065ed84a9a9c5bd59afd9aa618b
-
Size
4.1MB
-
Sample
240421-j2m5wsfb4z
-
MD5
05825f84ba959b4dbf239e88a054523a
-
SHA1
4a56033cac872f8ecaae3227f7051d7038e2b94f
-
SHA256
ad885271575bba94a9f6296eb82b086145c00065ed84a9a9c5bd59afd9aa618b
-
SHA512
62803fbadd86be1d438040ef3a3a04ab8c3d81d61cecb67c70a3dcd228a319f28bbf6c189faa60798515657fbe7ff9fa99bbf500b278d60eb2b1cbd0c186abd1
-
SSDEEP
98304:r4qWg+YQzLmftPjRs7JtBhUiZv1ggcXutB8ev+3WhzrO:rWg+YEmQ7rBhUiZtgg2AB8elhzrO
Static task
static1
Behavioral task
behavioral1
Sample
ad885271575bba94a9f6296eb82b086145c00065ed84a9a9c5bd59afd9aa618b.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
ad885271575bba94a9f6296eb82b086145c00065ed84a9a9c5bd59afd9aa618b
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1