General
-
Target
d55ac97e45a3f989b127ed40e2b5a917d541f6666e10a720bf1fe3ea84d2949b
-
Size
4.1MB
-
Sample
240515-le22msba7x
-
MD5
053b29b3958302225b5f6efdb16550f9
-
SHA1
20d8b1601e454cdf0606ba2a69ada4bf39789159
-
SHA256
d55ac97e45a3f989b127ed40e2b5a917d541f6666e10a720bf1fe3ea84d2949b
-
SHA512
2a0feffef9a89498bc4f6f537a0016efbd4a288344187ffe8caa51c11fdcc6d92321156f4a75e6b5a35850f8a8d165d800b80dcb691247dd6ba6fee8612b9c3c
-
SSDEEP
98304:bMIwCeNIp7mrmH39JW0ckvUhqbUgu0QDk0l0y/C/U00fVU15PAS:bBwCmIp7Ci3XwSxbLu0E0yeIUT4S
Static task
static1
Behavioral task
behavioral1
Sample
d55ac97e45a3f989b127ed40e2b5a917d541f6666e10a720bf1fe3ea84d2949b.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)