General
Target: 905343b7c70733627c6a87c6f065902b6c3bd0de42d4812fb839ebdf0a4b8e20
Size: 4.1MB
Sample: 240427-kdvqhafd6x
MD5: ff9e9babb2ec90b19644a2e5dbe7bd8c
SHA1: 9d88155fba7ef58e85bef8f56ffd0b32a2ce3de4
SHA256: 905343b7c70733627c6a87c6f065902b6c3bd0de42d4812fb839ebdf0a4b8e20
SHA512: 5bb3c3c0c92b307890fbf1e80c42957b2c7972b26fe914f65f9b7cdcfda756e36374619ea6eeff046bf49f9e58a637bedc6da14b5e4cd3b2e739549c61d9accd
SSDEEP: 98304:RBrcvoQ3bpeAYFyI5s2iXAaDVcYvvxcUB482tlsgYA748:RBQ8JjsJRJcupcUK8wlX7D
Static task: static1
Behavioral task: behavioral1
Sample: 905343b7c70733627c6a87c6f065902b6c3bd0de42d4812fb839ebdf0a4b8e20.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
- Create or Modify System Process: 1
- Windows Service: 1
- Boot or Logon Autostart Execution: 1
- Registry Run Keys / Startup Folder: 1
- Scheduled Task/Job: 1
Privilege Escalation
- Create or Modify System Process: 1
- Windows Service: 1
- Boot or Logon Autostart Execution: 1
- Registry Run Keys / Startup Folder: 1
- Scheduled Task/Job: 1