General
-
Target
1a3a6ac78eb72acfc2123cbc9329b060c1eeaca7cc6f09e1bc48622474c85c78
-
Size
4.2MB
-
Sample
240423-pbq2raga4t
-
MD5
9dc832b94e5fa7e79596545b846d70b9
-
SHA1
2e90ffe5acb9eaf58a756c4bad524e991101f0e3
-
SHA256
1a3a6ac78eb72acfc2123cbc9329b060c1eeaca7cc6f09e1bc48622474c85c78
-
SHA512
edad0725d16975fb3365f139849d1f0c946cbd89637ec3e7c27920db00036880d8761d170d95de43b60aea6cce39150d03bf4c324cf255999d20b6b295f69774
-
SSDEEP
98304:q9dcOUBEbybSH36R/JhlYZJkRBAK/yVZyNfNI1XCYNES:oyBJSqZXeZGRgrygZb
Static task
static1
Behavioral task
behavioral1
Sample
1a3a6ac78eb72acfc2123cbc9329b060c1eeaca7cc6f09e1bc48622474c85c78.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
1a3a6ac78eb72acfc2123cbc9329b060c1eeaca7cc6f09e1bc48622474c85c78
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)