General
-
Target
8c588d4f64ea4b95b0fc1f41e0c07aff60b3cd5dfb4dcaad1877f426109b6cf3
-
Size
4.1MB
-
Sample
240519-grdscsdf51
-
MD5
605c28e99106f97c17e8a0c5dbf95f6f
-
SHA1
82f63ca5974daf92b48b21f6c5fb5fc0b573cd1c
-
SHA256
8c588d4f64ea4b95b0fc1f41e0c07aff60b3cd5dfb4dcaad1877f426109b6cf3
-
SHA512
845e15638737abbee9f4ad38c3f8ff09a6bf69a8b12901aef1dba18947543960ecf19ab87180477458adc2df27019860e8ee0b76b633b3e7f1b59b06ec69f3bc
-
SSDEEP
98304:EWlQWNKQPwrulMpohZQjk4lnBk2/sgseYryCqOgI7KD2bsOvJZ+2+Yz:EW16ulMesXlnBp/sjruCqmtIOvag
Static task
static1
Behavioral task
behavioral1
Sample
8c588d4f64ea4b95b0fc1f41e0c07aff60b3cd5dfb4dcaad1877f426109b6cf3.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
8c588d4f64ea4b95b0fc1f41e0c07aff60b3cd5dfb4dcaad1877f426109b6cf3
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Create or Modify System Process 1
Windows Service 1
Scheduled Task/Job 1
Privilege Escalation
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Create or Modify System Process 1
Windows Service 1
Scheduled Task/Job 1