General
Target: 9558655449759ce8fdda6b972b0c1480d4ef33f80aef24194c4f8ce79e53f245
Size: 4.1MB
Sample: 240516-ssgq7aba79
MD5: 1d4a38c5fc3b5fc187e8e96b13f4159d
SHA1: 5211d1fc734606b3061f5f4b3cd687436bb477a3
SHA256: 9558655449759ce8fdda6b972b0c1480d4ef33f80aef24194c4f8ce79e53f245
SHA512: 8919203a3c8f7bc161a80fc6897aab90026fa95f0734467939c026edbc16b246067de7e3dc00df7c42af6064940da67f70fdfac19f153a7e28e45b753377321e
SSDEEP: 98304:ovzBhIm6zIE7SIO2RhCG9zRnSMmyRgCXxFQG9cP:ezBhDcIv8bCGbNmyXXxFQGyP
Static task: static1
Behavioral task: behavioral1
Sample: 9558655449759ce8fdda6b972b0c1480d4ef33f80aef24194c4f8ce79e53f245.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 1
  Registry Run Keys / Startup Folder: 1
  Create or Modify System Process: 1
  Windows Service: 1
  Scheduled Task/Job: 1
Privilege Escalation
  Boot or Logon Autostart Execution: 1
  Registry Run Keys / Startup Folder: 1
  Create or Modify System Process: 1
  Windows Service: 1
  Scheduled Task/Job: 1