General
-
Target
95d1a8a93f18e1da9b7dc25215409c2c7244cef17a9c7ab5c7bfa5c4cb7611c1
-
Size
4.1MB
-
Sample
240516-pv5z1sde43
-
MD5
f3f1ea24c7557fd69b44b32d848b7aa6
-
SHA1
f18c7bcbb3231c8147bb799f2e8d1b46bcf30acb
-
SHA256
95d1a8a93f18e1da9b7dc25215409c2c7244cef17a9c7ab5c7bfa5c4cb7611c1
-
SHA512
7b32346d7bb6fe4465b611e3b615a9a9061d767c4fe67136f988902f0a8e6d694a0d5e2459719387345f8704ac39b6807ae7e58921011c9add028633bc23a710
-
SSDEEP
98304:kl9GTbLtL99uWlQGfUFGGhNMfnjCzwWu2csDCx3z+tX:JT3oWlQMUAMlWxj+tX
Static task
static1
Behavioral task
behavioral1
Sample
95d1a8a93f18e1da9b7dc25215409c2c7244cef17a9c7ab5c7bfa5c4cb7611c1.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
95d1a8a93f18e1da9b7dc25215409c2c7244cef17a9c7ab5c7bfa5c4cb7611c1
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1