General
-
Target
c2613072d2d0a8c8ffb4cd303d19114d3317bd847c084f7fc75174430715eee0
-
Size
4.1MB
-
Sample
240517-fetsdahh7x
-
MD5
797207306238ce5ade3460ebbfb8a245
-
SHA1
da0a90a2360eb027a7b15f0a40304f7297cd3048
-
SHA256
c2613072d2d0a8c8ffb4cd303d19114d3317bd847c084f7fc75174430715eee0
-
SHA512
3abe0a4c10eb811c3ae339f80bc6120d0cba4645a0a6e84119772aafb4dd478b3046ad76cab86294fd59992d40a7848e61d97790dc51dd5110d8549be6248ab7
-
SSDEEP
98304:mNO3yy04ogde7ep0A2AdPyQGNgd0+V4CCH3iZ/qkVniougG1b:AOA8mA0A2AFyQ3d0+aD4qkVni5b
Static task
static1
Behavioral task
behavioral1
Sample
c2613072d2d0a8c8ffb4cd303d19114d3317bd847c084f7fc75174430715eee0.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
c2613072d2d0a8c8ffb4cd303d19114d3317bd847c084f7fc75174430715eee0
-
Size
4.1MB
-
MD5
797207306238ce5ade3460ebbfb8a245
-
SHA1
da0a90a2360eb027a7b15f0a40304f7297cd3048
-
SHA256
c2613072d2d0a8c8ffb4cd303d19114d3317bd847c084f7fc75174430715eee0
-
SHA512
3abe0a4c10eb811c3ae339f80bc6120d0cba4645a0a6e84119772aafb4dd478b3046ad76cab86294fd59992d40a7848e61d97790dc51dd5110d8549be6248ab7
-
SSDEEP
98304:mNO3yy04ogde7ep0A2AdPyQGNgd0+V4CCH3iZ/qkVniougG1b:AOA8mA0A2AFyQ3d0+aD4qkVni5b
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1