General
-
Target
9550e17964b5ad3dbcb0e386d1b9135eb0b071fe71ab85c5f5ae134d46360090
-
Size
4.1MB
-
Sample
240515-3pahtaab5t
-
MD5
89335b6e9d6f149826edfd7f7c8a4d29
-
SHA1
22e15ef26ca3d25e465af79c3ecf87d395918a08
-
SHA256
9550e17964b5ad3dbcb0e386d1b9135eb0b071fe71ab85c5f5ae134d46360090
-
SHA512
deaecd1159d106849e80b669331c69d42a0cf8121a9409af504769c9343abc73153bf430ea6cbfb833eaf1374898939549e39712dec7b104a50f8fe6c9bcbb3d
-
SSDEEP
98304:3sj80k8u7e4te7QNzi5j0edbbHwu+w5lmM0XQnX:3g9u7eueIzil0SbrHmM0S
Static task
static1
Behavioral task
behavioral1
Sample
9550e17964b5ad3dbcb0e386d1b9135eb0b071fe71ab85c5f5ae134d46360090.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
9550e17964b5ad3dbcb0e386d1b9135eb0b071fe71ab85c5f5ae134d46360090
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)