General
-
Target
00a62c9a513b1b14a4d867312bfb351a353c08e3ae57c7b1039dd14b9a06948e
-
Size
4.1MB
-
Sample
240515-lrc82sbg85
-
MD5
e04c8835ff1a6b41175375877a7d073f
-
SHA1
8bc2005dd4844ef6decd5b9bbf6559f7bb8a1517
-
SHA256
00a62c9a513b1b14a4d867312bfb351a353c08e3ae57c7b1039dd14b9a06948e
-
SHA512
c0bb227323e0b033d9e1005be438feea3444f3fff1cfd8d09205b222fe3eb2dd035df43a0129d91e486f42ce6bf8a8a36e26537633e48f4c173eaae7002a757d
-
SSDEEP
98304:brCNiB8ow0tjGRwMUUAJnC6DPNgwm1X3ykRpk8yR82N61:brCy8l0I4UGC6Dg3yk88np1
Static task
static1
Behavioral task
behavioral1
Sample
00a62c9a513b1b14a4d867312bfb351a353c08e3ae57c7b1039dd14b9a06948e.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
00a62c9a513b1b14a4d867312bfb351a353c08e3ae57c7b1039dd14b9a06948e
-
Size
4.1MB
-
MD5
e04c8835ff1a6b41175375877a7d073f
-
SHA1
8bc2005dd4844ef6decd5b9bbf6559f7bb8a1517
-
SHA256
00a62c9a513b1b14a4d867312bfb351a353c08e3ae57c7b1039dd14b9a06948e
-
SHA512
c0bb227323e0b033d9e1005be438feea3444f3fff1cfd8d09205b222fe3eb2dd035df43a0129d91e486f42ce6bf8a8a36e26537633e48f4c173eaae7002a757d
-
SSDEEP
98304:brCNiB8ow0tjGRwMUUAJnC6DPNgwm1X3ykRpk8yR82N61:brCy8l0I4UGC6Dg3yk88np1
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1