General
Target
69efa41a411396d7f94ed552b885fa970e37789e0697e321214f22a0a7c40091
Size
4.1MB
Sample
240421-tj4d9seg24
MD5
e15203c2cfca5a974ebd9599bd4c85ac
SHA1
1f2135bfdb4835ee135ae47ff9f1a14ee83e9134
SHA256
69efa41a411396d7f94ed552b885fa970e37789e0697e321214f22a0a7c40091
SHA512
02bf23e132365265ef42fad72bbeb5dcd2d08cad542ba83d0b465222c874e337c04bc9db2246d4f3649596d74ca930c7959be5ef23a716090c5cb1c3cc1e0644
SSDEEP
98304:kwAze/FNZMWTI4IerOgms7GjcZA7/RTa+EmUQAtI:WS/DzMv1si4yTElQl
Static task
static1
Behavioral task
behavioral1
Sample
69efa41a411396d7f94ed552b885fa970e37789e0697e321214f22a0a7c40091.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)