General
-
Target
06ec3f6cae94912676e52f55f56fe73c2dbee08cc3d40d84bb0e8d9650a9a6f5
-
Size
4.0MB
-
Sample
230221-j7kxqaga2y
-
MD5
a680fbeca7dc5bcd762afec6c07b77df
-
SHA1
f2e9d37ea8a06fcbaeacb66e6dd6a6066d325767
-
SHA256
06ec3f6cae94912676e52f55f56fe73c2dbee08cc3d40d84bb0e8d9650a9a6f5
-
SHA512
0899dd8e89fb4bdcda43d57887766839451897f516f4f7b8ccb7255cf2d56b27ff6d2ba3ad432ab12b104297edeeaca7df0331ebf8c0e3f7821075ba3d73b1cb
-
SSDEEP
98304:oOcl/6p/hXvawWDPCW6slvHtwGl4mbc7kkQ8o6l27FqZCt7h3c5:glyhhXyw2PMIvtZ4vBQ2iqZCU5
Static task
static1
Malware Config
Targets
-
-
Target
06ec3f6cae94912676e52f55f56fe73c2dbee08cc3d40d84bb0e8d9650a9a6f5
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-