General
-
Target
94b9549f5499f693b0936ba8a827876e96ad2077395fd9bffa1e6638ba7a5d05
-
Size
4.1MB
-
Sample
240511-njc97aea4y
-
MD5
7ce3794031bd35b1b8267826ec49d818
-
SHA1
24ba8cb16b57b4561e02e93f39842e8c330b3f08
-
SHA256
94b9549f5499f693b0936ba8a827876e96ad2077395fd9bffa1e6638ba7a5d05
-
SHA512
38fb2a23e76e8aca32726a2f6561f46da425dd5d440cbe359199df83fc6041ac1824b19d702426574bc0df2398484899d2f084243e6055e1c39259e5a06a0a81
-
SSDEEP
98304:taldxVYbeltggr6p7qKtgoJu9O6Qxc6qPeInuZKahKn+3QC:ixq6ggrt/os9O/WxuFhK+AC
Static task
static1
Behavioral task
behavioral1
Sample
94b9549f5499f693b0936ba8a827876e96ad2077395fd9bffa1e6638ba7a5d05.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
94b9549f5499f693b0936ba8a827876e96ad2077395fd9bffa1e6638ba7a5d05
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1