General
-
Target
398d650cd4f7878dc8047c63f087a03c77b9f707cef82de3709034f28abe195d
-
Size
4.1MB
-
Sample
240517-pygftshh78
-
MD5
aefcacbf3e26a8e93310536c1f43d77e
-
SHA1
62ca2c7e12b719be3bfd57a3c2a7222bb4b11888
-
SHA256
398d650cd4f7878dc8047c63f087a03c77b9f707cef82de3709034f28abe195d
-
SHA512
5360d3fef105e4c4a0d3baf30d4609311695674d3e923b043b5f418ff401a0fec75bd34b2229f00831741da0e0ec2a4836c4c967f059bbbc844830056d5aaa16
-
SSDEEP
98304:fBVs1p4PpCxl89qkqVHLjfQjDTn2r+NbY:pa1p4P0l8MfVLMTrY
Static task
static1
Behavioral task
behavioral1
Sample
398d650cd4f7878dc8047c63f087a03c77b9f707cef82de3709034f28abe195d.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
398d650cd4f7878dc8047c63f087a03c77b9f707cef82de3709034f28abe195d
-
Size
4.1MB
-
MD5
aefcacbf3e26a8e93310536c1f43d77e
-
SHA1
62ca2c7e12b719be3bfd57a3c2a7222bb4b11888
-
SHA256
398d650cd4f7878dc8047c63f087a03c77b9f707cef82de3709034f28abe195d
-
SHA512
5360d3fef105e4c4a0d3baf30d4609311695674d3e923b043b5f418ff401a0fec75bd34b2229f00831741da0e0ec2a4836c4c967f059bbbc844830056d5aaa16
-
SSDEEP
98304:fBVs1p4PpCxl89qkqVHLjfQjDTn2r+NbY:pa1p4P0l8MfVLMTrY
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1