General
-
Target
eb57ba7cfee891c5eb53342a08d24be486e03b10d97e7f9f19d8242669395bab
-
Size
4.2MB
-
Sample
230606-2c34xsge6y
-
MD5
759f2f02a05653e88824dbc87bb13753
-
SHA1
1a502fc07e7f6beca400283628556ee1acaf1a4d
-
SHA256
eb57ba7cfee891c5eb53342a08d24be486e03b10d97e7f9f19d8242669395bab
-
SHA512
c1bf0130b04b915966e2404c5b00cf4f0e460de3357ebca713cbcb72baeec0fe124b54a8bb1f9b9bcb1888c7df249cc198ae20b1ba497d9fbbc0830d31f74197
-
SSDEEP
98304:TCXgtvYrM88gRyaQy+erhrT7EEfw6+uo055wYcZL43PTwGGzCzUNG:TAAvYrcaQ4rh8r62Y8U3P09zrG
Static task
static1
Malware Config
Targets
-
-
Target
eb57ba7cfee891c5eb53342a08d24be486e03b10d97e7f9f19d8242669395bab
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-