General
-
Target
d9a0f80fa2282c661c752eff7016f22d6afe5292c8e317cad6decac4383f99a6
-
Size
4.2MB
-
Sample
240426-3jpesaed36
-
MD5
8edd2a121f6958b919eb2760499acb37
-
SHA1
71d5dd28d07c9ec5597797e5f8912d80116502f6
-
SHA256
d9a0f80fa2282c661c752eff7016f22d6afe5292c8e317cad6decac4383f99a6
-
SHA512
9a1ca8f9a41fd7f3c922317ebc9f01c320ce72959b4e5164f79a2dc57b8bf4e688ae1a57efa27fd7929894e1e05b3366096caaa7158e76a344fc9c18ed9e3de3
-
SSDEEP
98304:YkAjdDPAeC2B02wyEqB4QU18FBwX92iJvUa6o386BoSeiwZU4mjQxQI:TuPAV2B0NRqB88FqJvA6j4GQd
Static task
static1
Behavioral task
behavioral1
Sample
d9a0f80fa2282c661c752eff7016f22d6afe5292c8e317cad6decac4383f99a6.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
d9a0f80fa2282c661c752eff7016f22d6afe5292c8e317cad6decac4383f99a6
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)