General
-
Target
402821025e98d0ee8acff5343305007c427346a10a2b189c12568c8f574831ed
-
Size
4.1MB
-
Sample
240427-fqg8qabf45
-
MD5
99deb58724338ded95c50885750dcfce
-
SHA1
1c6508a15eceecd93e0a407ed47d0dcdb561d7da
-
SHA256
402821025e98d0ee8acff5343305007c427346a10a2b189c12568c8f574831ed
-
SHA512
93305ef519f6f8b97dab16ffd831a462d0a6136c9d3e71439ab8961e20a604b9ff986185f8e772bd69e3547ef7c1402190d1e41fe1af00b77752c12816606b6a
-
SSDEEP
98304:mDH7OPmPIYOb+xaC5Bg1F04wxr3ayvMabi9f:mDH7OPeI9Kxb52Fw1ay/g
Static task
static1
Behavioral task
behavioral1
Sample
402821025e98d0ee8acff5343305007c427346a10a2b189c12568c8f574831ed.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
402821025e98d0ee8acff5343305007c427346a10a2b189c12568c8f574831ed
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)