General
-
Target
804885a39d1527210a1614d99e602c5ee1f85e1eadc7729f278da789a7ad6ddd
-
Size
4.2MB
-
Sample
240423-sv18lshd41
-
MD5
e883350f3f3b93a401cbb5b282402a24
-
SHA1
62985d201bedaf151c0f8543aeca12536de63331
-
SHA256
804885a39d1527210a1614d99e602c5ee1f85e1eadc7729f278da789a7ad6ddd
-
SHA512
537c13684d84ac36fedc8df6ac1c3e2ed62bf084e86ceab3e6aec06af78c7b90d638131fba56c3e5cc090738f21750c1af2996e5d9e68178606b4865e51073c8
-
SSDEEP
98304:5YLCMptDmsu+9iprwjFTOTj/zIJhxobwLXF8FmbNEpdL19bKI:tkDFH9njBOTWhxocJmmbsdxh1
Static task
static1
Behavioral task
behavioral1
Sample
804885a39d1527210a1614d99e602c5ee1f85e1eadc7729f278da789a7ad6ddd.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1