General
-
Target
b2e5e9967672a3f2394e052e1ca0caec6e990d535a33eefdb0544f90631d648c
-
Size
4.2MB
-
Sample
240423-stlfrshd84
-
MD5
1444a1b7a62fb4126737fb73a3fe9209
-
SHA1
784b5604894c97482476baee97c0627490b8efb3
-
SHA256
b2e5e9967672a3f2394e052e1ca0caec6e990d535a33eefdb0544f90631d648c
-
SHA512
f161d0a946d4bf176ce26b67c76258a0b7d3ca9568e8e09839de483e0b3ab5deb531882c9fed5fcf1a5f293186fe09a500aa98ae8572dfefb9e1314de131ab43
-
SSDEEP
98304:5YLCMptDmsu+9iprwjFTOTj/zIJhxobwLXF8FmbNEpdL19bKn:tkDFH9njBOTWhxocJmmbsdxhK
Static task
static1
Behavioral task
behavioral1
Sample
b2e5e9967672a3f2394e052e1ca0caec6e990d535a33eefdb0544f90631d648c.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)