General
-
Target
4cad70cde9fec8504d85d167222ac79a7c636a0d032f1d328690210bf0286cae
-
Size
4.1MB
-
Sample
240427-fqgl7acd7s
-
MD5
01899eca197ed594a9a9f438718ed413
-
SHA1
9459ae13edda43a895be71f3c3df15301dd70303
-
SHA256
4cad70cde9fec8504d85d167222ac79a7c636a0d032f1d328690210bf0286cae
-
SHA512
50bc0606eeeadb34be7319f70b4580c0fd97ac5a134cc17ebc9f21ee6fd5b8b84824b56def4ae19433c6a770c694c79d432186a92a0b43a34081438706f467dd
-
SSDEEP
98304:mDH7OPmPIYOb+xaC5Bg1F04wxr3ayvMabi96:mDH7OPeI9Kxb52Fw1ay/t
Static task
static1
Behavioral task
behavioral1
Sample
4cad70cde9fec8504d85d167222ac79a7c636a0d032f1d328690210bf0286cae.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
4cad70cde9fec8504d85d167222ac79a7c636a0d032f1d328690210bf0286cae
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)