General
-
Target
9eef91a93c0fe81bee3ade7021b0e104054e695775fba7f83b17a94c9b4929a3
-
Size
4.1MB
-
Sample
240515-3k2rhahh4y
-
MD5
3d9dfbf3e941f270ba7b0513936531d5
-
SHA1
4963e289384faec672696b7ee0e12cfd6b1a016f
-
SHA256
9eef91a93c0fe81bee3ade7021b0e104054e695775fba7f83b17a94c9b4929a3
-
SHA512
abbf3f2f6d30a716f17b27a873b79e4bc6521518a097a0fe0ddb5b59186d719e19605430a242c9682d3f7f5b550c05b2407ee6f715fc769fd88111072766090d
-
SSDEEP
98304:UCrMvuyR1RyPQdAJHItu4QbOo8ZPCtSlOjuAz5n6hmlDmb3:U5vuu/yDHItfIOpPCSgB5tCz
Static task
static1
Behavioral task
behavioral1
Sample
9eef91a93c0fe81bee3ade7021b0e104054e695775fba7f83b17a94c9b4929a3.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
9eef91a93c0fe81bee3ade7021b0e104054e695775fba7f83b17a94c9b4929a3
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)