General
Target: 7aadea0ffd201893fd0c6984008d2e005018aca687175f549ffa18d89f0473c8
Size: 4.2MB
Sample: 240423-k79rhsfa5z
MD5: a84dce9a95eeedaf7ccc348b0e88ffc6
SHA1: fe9d11d7233e39069c96827e3c7ba063dad8daee
SHA256: 7aadea0ffd201893fd0c6984008d2e005018aca687175f549ffa18d89f0473c8
SHA512: fb83e13702e4d61450e615be18cdb1dce02520b595bcaf12fbbae057203ac48646b21dea59dd201f56b1c8adac0f3689e257d05834555a0746f039c4851aef73
SSDEEP: 98304:CQN9zSKVNFzRCmd+S43cfxiJtNQ15bXu+MABfSPDEeLX1+Kw3YL/t3U:tTWsFQmkSqeYdK5bXuOBmD/txFE
Static task: static1
Behavioral task: behavioral1
Sample: 7aadea0ffd201893fd0c6984008d2e005018aca687175f549ffa18d89f0473c8.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
  Windows Service (1)
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
  Windows Service (1)
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)