General
-
Target
1c5a9d434250b14a11e0da7b0caaa418853e7e101e3686deb92f9c09ffeda24e
-
Size
4.2MB
-
Sample
240425-h7c2fagg9z
-
MD5
cc0d339f20e06059fdd10a3dc6a7f301
-
SHA1
8b4fd07d4f9313f29eade50affadb24c50f05a06
-
SHA256
1c5a9d434250b14a11e0da7b0caaa418853e7e101e3686deb92f9c09ffeda24e
-
SHA512
b9926b6bfa02b5c907e43c0b2ecba4cedc447d44b2fdfab8c8d9675ae0a042d9d4e713998c8b57467b9bfe48575f5d764c00d7b30e87bdd5a38b97d63aa29aa1
-
SSDEEP
98304:tPsj8nM8f9N7dpNQ5A13kFnblxOFQG3eoyMtxZ6:BKe9pO6ublAFHdDtxU
Static task
static1
Behavioral task
behavioral1
Sample
1c5a9d434250b14a11e0da7b0caaa418853e7e101e3686deb92f9c09ffeda24e.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
1c5a9d434250b14a11e0da7b0caaa418853e7e101e3686deb92f9c09ffeda24e
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1