General
-
Target
abec059b2bc549d32808d63bf05d9531d11f5195ad52465e8bf17ce43a4d1e15
-
Size
4.1MB
-
Sample
240519-kwkm9abc3t
-
MD5
384e20ae787ee186940886413ccad1e1
-
SHA1
1c3ec62ac74c0c7ecb4605bf9f26250994726dd2
-
SHA256
abec059b2bc549d32808d63bf05d9531d11f5195ad52465e8bf17ce43a4d1e15
-
SHA512
9007ccf4741a7628a5d40efef538473a10ece16682a2d1c86d5d0f05d30fb0a8b69984fd87639f0ad029b240f336e65ee77c9890d08fa03c9cdf46cdc9f97032
-
SSDEEP
98304:QvCQaDBnSWO/B+XxjapSyZlG1PnsYHdaWgIg92gsnC3bzMZh6P1Q:QvC3DFSWO/BjYGk1PnXHoWWZ1za6NQ
Static task
static1
Behavioral task
behavioral1
Sample
abec059b2bc549d32808d63bf05d9531d11f5195ad52465e8bf17ce43a4d1e15.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
abec059b2bc549d32808d63bf05d9531d11f5195ad52465e8bf17ce43a4d1e15
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1