General
-
Target
27e8af88f2dcbd8524cde08aaf09a357c2ee3a4ce1e4f34c2a295df820c58570
-
Size
4.2MB
-
Sample
240425-p2jelaag9z
-
MD5
06fde9329ba637a126edd0face3dc26e
-
SHA1
c4a933b6490857cee424ab6712c59b6977154ca2
-
SHA256
27e8af88f2dcbd8524cde08aaf09a357c2ee3a4ce1e4f34c2a295df820c58570
-
SHA512
9f14af6ac0f23249f92157e0edf9b6a87d63d0340a24e92aff71820aac041dc45df1c0fae4b4870a1eb7b09c2a698241ea61af6e8bdead2cbcef5414ffeeadcb
-
SSDEEP
98304:JlPNnLMcliXgk6mZUGEiVLqbbhuqLV4AlEjP7K:JlP9LMc0wkDbEiV0LVIm
Static task
static1
Behavioral task
behavioral1
Sample
27e8af88f2dcbd8524cde08aaf09a357c2ee3a4ce1e4f34c2a295df820c58570.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)