General
-
Target
34d3bee3f8dc2cbac0fade2572165b94a3b24c82352ab396d486f7c2c4d8380d
-
Size
4.1MB
-
Sample
240515-lhxw4abc96
-
MD5
d9de26745881cbb4547af92cae9976be
-
SHA1
69d0fedfba4dc391975c9faf6c3e8b0dd86d62c9
-
SHA256
34d3bee3f8dc2cbac0fade2572165b94a3b24c82352ab396d486f7c2c4d8380d
-
SHA512
38f0c2eef896552a90e01ee2ee6edf0214046452e3cd0ae01a977d25ab8d954e867e2ef359bade399407b3073c37a05f0bb47c17382620064fd39901340d3a2b
-
SSDEEP
98304:jMIwCeNIp7mrmH39JW0ckvUhqbUgu0QDk0l0y/C/U00fVU15PAt:jBwCmIp7Ci3XwSxbLu0E0yeIUT4t
Static task
static1
Behavioral task
behavioral1
Sample
34d3bee3f8dc2cbac0fade2572165b94a3b24c82352ab396d486f7c2c4d8380d.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
34d3bee3f8dc2cbac0fade2572165b94a3b24c82352ab396d486f7c2c4d8380d
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
  Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
  Windows Service (1)
Scheduled Task/Job (1)