General
Target: a33d6c88326ccf1f9c39ae46665cc375c0441fe89fd375504109abf07fc843fc
Size: 4.1MB
Sample: 240427-fvdfbsbg52
MD5: 9f9e30c7b2dd94580ad6952bfd383dd9
SHA1: 24aa13ca765ddaf4f9d62250bdce5d6d253a3ca6
SHA256: a33d6c88326ccf1f9c39ae46665cc375c0441fe89fd375504109abf07fc843fc
SHA512: 6c4a9bed1a12c663e9ac51c313cffeba4f78b3fcbc7aff6764f5f9351042e4b5fd865788dc0ccb862f2e7913f483aae312f10ecf989533de5480df0b279adfef
SSDEEP: 98304:uDH7OPmPIYOb+xaC5Bg1F04wxr3ayvMabi97:uDH7OPeI9Kxb52Fw1ay/Y
Static task: static1
Behavioral task: behavioral1
Sample: a33d6c88326ccf1f9c39ae46665cc375c0441fe89fd375504109abf07fc843fc.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: a33d6c88326ccf1f9c39ae46665cc375c0441fe89fd375504109abf07fc843fc
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)