General
Target: 7e6161437d1d90e878352f6a376f67a100778e423d3d60a205d7d790ab1b5c5a
Size: 4.1MB
Sample: 240424-3l949sbf75
MD5: 66fe6ba2bcd87127178723a0794fc2b0
SHA1: 9fc841f11cb27d9485e2368487817146ac48f660
SHA256: 7e6161437d1d90e878352f6a376f67a100778e423d3d60a205d7d790ab1b5c5a
SHA512: a86591e7d2600e9c1b59a96fc073e97a8dd503fa1c7a0da73d99c7f3b5334222cbbca51d5c3b4b58b9ff5f6d736251343e006e864b9f0a91494c5bb48e6f215d
SSDEEP: 98304:toa4fp94xsJrGehkJ1DdBF0TJiDxdyor/vCKqVsh:tfupiUGtp01ObgS
Static task: static1
Behavioral task: behavioral1
Sample: 7e6161437d1d90e878352f6a376f67a100778e423d3d60a205d7d790ab1b5c5a.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 7e6161437d1d90e878352f6a376f67a100778e423d3d60a205d7d790ab1b5c5a
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
  Create or Modify System Process: 1
    Windows Service: 1
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
  Scheduled Task/Job: 1
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
  Scheduled Task/Job: 1