General
-
Target
6a4534ff585942e758550888370398f71f1d81feee535e9b7b7d383eb69fcb78
-
Size
4.2MB
-
Sample
240423-s69zwshe9z
-
MD5
51cac502bc86cf5a85f7c1b346ab0e06
-
SHA1
4a777e1798e87e5ac97cc29d088a0bd9853b32be
-
SHA256
6a4534ff585942e758550888370398f71f1d81feee535e9b7b7d383eb69fcb78
-
SHA512
c13182e92b6ad7913e26430acbd00ac968b7cfb384bc6bce46c337ba331587bb8561f82b5b3ca7aadeaacd8c91f2523b9d4cba8139a92d1bed87fc0096c4061e
-
SSDEEP
98304:d+Gg6aXQ+/QyN9wV3/YhHbVpnwBVKjBiw+3St8KJ+:uXQwQ89A3/Y5DnwBWu3Q8Kw
Static task
static1
Behavioral task
behavioral1
Sample
6a4534ff585942e758550888370398f71f1d81feee535e9b7b7d383eb69fcb78.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
6a4534ff585942e758550888370398f71f1d81feee535e9b7b7d383eb69fcb78
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1