General
Target: 61f55eb92c0b2e7f2c70a46110c8d8aeab9f820adfa3055723215366229618c4
Size: 4.1MB
Sample: 240515-le78naba8w
MD5: 54eb4e331b25b740383719fdbe99f549
SHA1: e75545c063daaa49669e9da5af04d59d250f44fc
SHA256: 61f55eb92c0b2e7f2c70a46110c8d8aeab9f820adfa3055723215366229618c4
SHA512: ef5e8fa016f0605bbda4e6f1c64641ab9e17397eb125d5a9931b3ea5b665cd89865dc1fd1db0220b160ccbbc3c09c41c973734279561c85ad9ca453267d6faf7
SSDEEP: 98304:jMIwCeNIp7mrmH39JW0ckvUhqbUgu0QDk0l0y/C/U00fVU15PAl:jBwCmIp7Ci3XwSxbLu0E0yeIUT4l
Static task: static1
Behavioral task: behavioral1
Sample: 61f55eb92c0b2e7f2c70a46110c8d8aeab9f820adfa3055723215366229618c4.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1