General
-
Target
4c71ce019072db6763adc78098d30159743f6dd1a2672b4f743392352acde788
-
Size
4.1MB
-
Sample
240519-1m4yjabf4z
-
MD5
452b6c70c86f7ad78c84af5407d4c769
-
SHA1
240f462eb3e7d06dfc3b7aef55684e3c48f47c65
-
SHA256
4c71ce019072db6763adc78098d30159743f6dd1a2672b4f743392352acde788
-
SHA512
7ac958df103493e28ed1411de2259b658ee07ece24ee3ddf0c754570a4d4d0466aeb2b92bfcb15180efe4a91d03ce8d4a85dfb1b367618eda1e10e6f9a43c25a
-
SSDEEP
98304:UX33DbWGkLHuFK+TwQmBC6reQ4TTNXYvI8KgvjrB0r/:UXPWAwQyCdJYw8Kgg/
Static task
static1
Behavioral task
behavioral1
Sample
4c71ce019072db6763adc78098d30159743f6dd1a2672b4f743392352acde788.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)