General
Target: 4d818a84b90145961b5dec224a5b6ff9ac64f1fe4f2f9b9fb3b3ab52c7521332
Size: 4.1MB
Sample: 240519-cdkljacg49
MD5: 38fda2f226ac96c605fb2a29d14356f7
SHA1: 389be5db2734f23c29de5da81c24a122d2849871
SHA256: 4d818a84b90145961b5dec224a5b6ff9ac64f1fe4f2f9b9fb3b3ab52c7521332
SHA512: 95f59cd4bb7b523a3e7b4bd1a8e99acdda020443ac83dad90080e30077504a5cb3c4523f535f728fdb729b0908363775490702c3a83a4243f58b8de5ff3cbf8d
SSDEEP: 98304:8rbgSYZm0VZ47d2LjXdY+WeqK35WW/TEhU3Gu22Q:8rcnZFqd2LRPP3hYhQZQ
Static task: static1
Behavioral task: behavioral1
Sample: 4d818a84b90145961b5dec224a5b6ff9ac64f1fe4f2f9b9fb3b3ab52c7521332.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)