General
-
Target
486862584473fd580b54aa0766f037e0894844794f4aaacbdee23ae1010bb1df
-
Size
4.1MB
-
Sample
240517-px2qdahh59
-
MD5
5ca416e9d1b7f5ea5539e30918f434c0
-
SHA1
71ebc565916f8310aaeec1496795b98b5bdb5ea0
-
SHA256
486862584473fd580b54aa0766f037e0894844794f4aaacbdee23ae1010bb1df
-
SHA512
9dad01215a25905ef3cdf97266866784d251271aa618f37ee45a9e38ff4e2dac40bb0c16c119142f243561c0cfec7b1aef6ea090cb5f1529a0f3d9c7aea9f5da
-
SSDEEP
98304:XBVs1p4PpCxl89qkqVHLjfQjDTn2r+NbO:Ra1p4P0l8MfVLMTrO
Static task
static1
Behavioral task
behavioral1
Sample
486862584473fd580b54aa0766f037e0894844794f4aaacbdee23ae1010bb1df.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1