General
-
Target
cc37610638da8d392508fed056555f0137c92989552e64a79db3b09784f8fec6
-
Size
4.1MB
-
Sample
240421-th6s1aef89
-
MD5
3d5065bf9a8c18f0ed6f3983022d2e3b
-
SHA1
19a6930077eadadbade15194b1e6272ac9897192
-
SHA256
cc37610638da8d392508fed056555f0137c92989552e64a79db3b09784f8fec6
-
SHA512
ddf5bfdca060701e7fb820ce2972ebd1eb231b778524dd69414d1a0c8f0206139f52ed6acf3d752be54aedd9ea81c30aeb635d5885f51ee5fd638851f963a408
-
SSDEEP
98304:8wAze/FNZMWTI4IerOgms7GjcZA7/RTa+EmUQAtM:+S/DzMv1si4yTElQx
Static task
static1
Behavioral task
behavioral1
Sample
cc37610638da8d392508fed056555f0137c92989552e64a79db3b09784f8fec6.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1