General
-
Target
b7b7c3d0e0eea9fd4f797c6f4bd2efdcd805a5de79410b57229cda0c351f595f
-
Size
4.1MB
-
Sample
240517-fdstpaaa94
-
MD5
b3af3c3d51271257a2e2c97d2509c25e
-
SHA1
bd0dc3f8aae1897bd46a74d40560ffc636a5ac44
-
SHA256
b7b7c3d0e0eea9fd4f797c6f4bd2efdcd805a5de79410b57229cda0c351f595f
-
SHA512
31db80fb3464efae0782c35ae0ec5f16ba4c686c98525d4d5a88608f7437ec9a736c85dd10dbfb583f2ee01c776856b486ac79718a87bffdf98546aa552fde2d
-
SSDEEP
98304:GNO3yy04ogde7ep0A2AdPyQGNgd0+V4CCH3iZ/qkVniougG1o:gOA8mA0A2AFyQ3d0+aD4qkVni5o
Static task
static1
Behavioral task
behavioral1
Sample
b7b7c3d0e0eea9fd4f797c6f4bd2efdcd805a5de79410b57229cda0c351f595f.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
  Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
  Windows Service: 1
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
  Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
  Windows Service: 1
Scheduled Task/Job: 1