General
-
Target
0407be250a0f68a02beda6b3fd130e5f46a56ad1bf0a743acd6cf95a8e979465
-
Size
4.1MB
-
Sample
240515-lf8ktabc28
-
MD5
83e507f0897db87f19b9fee508d6944b
-
SHA1
4745237dadf96209b02320f07f001bbf32eadf0a
-
SHA256
0407be250a0f68a02beda6b3fd130e5f46a56ad1bf0a743acd6cf95a8e979465
-
SHA512
2a7c84af3970b93198b3ea72f1074eacefc51bd3d93cb450509897493dc04e7beaa930876a504d999a9597aec683e03fa551448a05ec834b5fd9fe09f52d3265
-
SSDEEP
98304:TMIwCeNIp7mrmH39JW0ckvUhqbUgu0QDk0l0y/C/U00fVU15PAk:TBwCmIp7Ci3XwSxbLu0E0yeIUT4k
Static task
static1
Behavioral task
behavioral1
Sample
0407be250a0f68a02beda6b3fd130e5f46a56ad1bf0a743acd6cf95a8e979465.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
0407be250a0f68a02beda6b3fd130e5f46a56ad1bf0a743acd6cf95a8e979465
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Create or Modify System Process 1
Windows Service 1
Scheduled Task/Job 1
Privilege Escalation
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Create or Modify System Process 1
Windows Service 1
Scheduled Task/Job 1