General
-
Target
23f4ed851cba5df64e6eb490e6d049c084118fd5b67019aad8088cc720f7e2a5
-
Size
4.1MB
-
Sample
240421-jxvn6sfa6t
-
MD5
db117a12dc77d05d91cb7c79917152a5
-
SHA1
a1a4b1eeec5e78cfbaad2a106b97029530b65718
-
SHA256
23f4ed851cba5df64e6eb490e6d049c084118fd5b67019aad8088cc720f7e2a5
-
SHA512
196023c8a801decacb2e6f43ff1a4bf8952b6db0636e584ef130fa6d18f926da7784c8acdea731d4bff64c323f7f6f21615c078730150ee3951986935b8cf645
-
SSDEEP
98304:T4qWg+YQzLmftPjRs7JtBhUiZv1ggcXutB8ev+3Whzrj:jWg+YEmQ7rBhUiZtgg2AB8elhzrj
Static task
static1
Behavioral task
behavioral1
Sample
23f4ed851cba5df64e6eb490e6d049c084118fd5b67019aad8088cc720f7e2a5.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1