General
- Target: 733fc3ba4ef0f33d9a1ee30ef5a5bf8c5743cf9422658e69187f074c1e8e258d
- Size: 4.1MB
- Sample: 240509-txs6fsed32
- MD5: 55289a7ee17bb8ee11b5b28cc5485d73
- SHA1: 8444a2df93a95755aa982b1d8afd1ec0bd511d1d
- SHA256: 733fc3ba4ef0f33d9a1ee30ef5a5bf8c5743cf9422658e69187f074c1e8e258d
- SHA512: d4f0781249c22ec73ae6c0da210c1732b9984d03874a9fbbd69bd7aaa7aebadc07a982848c020e329e49bc316d9adf1c54221cc70ef19fc196b184e915e3c938
- SSDEEP: 98304:qgQj3bYke7IH4UmHBe7fvGvGegFjoB9Y4hH2MnS9af:lmkkc0oEfvGFgFjKYMWdu
Static task: static1
Behavioral task: behavioral1
- Sample: 733fc3ba4ef0f33d9a1ee30ef5a5bf8c5743cf9422658e69187f074c1e8e258d.exe
- Resource: win10v2004-20240426-en
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)
- Scheduled Task/Job (1)
Privilege Escalation
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)
- Scheduled Task/Job (1)