General
-
Target
afd7b064d92d3e9cf5bd8c9e7f2e95f3f829d0082576329cd7babfa88fefc4b4
-
Size
4.1MB
-
Sample
240519-gf2eaadb63
-
MD5
db0dd57c36bcdc8d1bfb94e81f0986f8
-
SHA1
74280e8c422f22dd03ad86b7c84ac4f860dca5a0
-
SHA256
afd7b064d92d3e9cf5bd8c9e7f2e95f3f829d0082576329cd7babfa88fefc4b4
-
SHA512
53fc402a00b12209df5890ece10cb213d5d73e2b23f7e1059d138996fdeeb073d35cc0cc76403941d8c95097ef68fbd45a5605ece23fccf7ac6e923bc369580c
-
SSDEEP
98304:cWlQWNKQPwrulMpohZQjk4lnBk2/sgseYryCqOgI7KD2bsOvJZ+2+Y/:cW16ulMesXlnBp/sjruCqmtIOvaY
Static task
static1
Behavioral task
behavioral1
Sample
afd7b064d92d3e9cf5bd8c9e7f2e95f3f829d0082576329cd7babfa88fefc4b4.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Scheduled Task/Job (1)