General
-
Target
8ced9e7c189c6f777afc030b22307ecc7e8ca4795b183b33b3551000a93e6519
-
Size
4.1MB
-
Sample
240517-pt42bshe2y
-
MD5
78a7bc393dc719e6856df16f6fd1b0b8
-
SHA1
a7ae9ab2b5ea523f62f87c2401f4c07a2df93a0b
-
SHA256
8ced9e7c189c6f777afc030b22307ecc7e8ca4795b183b33b3551000a93e6519
-
SHA512
f5d788b9e77536ddecf4710af1df42ee9aabb145a49cf34c48f57f4a5e4b8ede8c64b292eac07abdb4fea06226e0021c46850ea2c56c09c0ac2398b3cd1a1abd
-
SSDEEP
98304:0d7tSzSG1TEQyj2soCVZzfOSLUhtCaFAX/iUIATxmmpvA2aCdQuFREnErA:mRMSLQaVNfPUP9FaqUIATxXaCdFFREnB
Static task
static1
Behavioral task
behavioral1
Sample
8ced9e7c189c6f777afc030b22307ecc7e8ca4795b183b33b3551000a93e6519.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)