General
-
Target
f7de7848143ba4f026b6081b63744081e75cc4300e0d90db6e99b9dbac5902cd
-
Size
4.1MB
-
Sample
240511-nnc5zseb91
-
MD5
97228f28416c1a4f10ef95771f0e0b92
-
SHA1
2674510bddd3102ac57ba0e83dc4b9f39d99af29
-
SHA256
f7de7848143ba4f026b6081b63744081e75cc4300e0d90db6e99b9dbac5902cd
-
SHA512
4a5aa9550f41903118070e7e8256194d5faeb834d4b0799490310285a0979f2e338a5a676670fc7b1a29a2b940e9fb228d98e2fff597d668732e097b8931fb40
-
SSDEEP
98304:daldxVYbeltggr6p7qKtgoJu9O6Qxc6qPeInuZKahKn+3QU:yxq6ggrt/os9O/WxuFhK+AU
Static task
static1
Behavioral task
behavioral1
Sample
f7de7848143ba4f026b6081b63744081e75cc4300e0d90db6e99b9dbac5902cd.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
f7de7848143ba4f026b6081b63744081e75cc4300e0d90db6e99b9dbac5902cd
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
  Windows Service: 1
Boot or Logon Autostart Execution: 1
  Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Privilege Escalation
Create or Modify System Process: 1
  Windows Service: 1
Boot or Logon Autostart Execution: 1
  Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1