General
Target: dcd36f6d2b77614dcee4c7f551139ce1a2d25c2f9d0b2f5ff6445f6d7edd86a4
Size: 4.2MB
Sample: 230606-3pjrgsgb25
MD5: 168cba2eaac60652074e24e0f42b5b25
SHA1: 5453769440796fe741dd7e8c1a9fe708042e42c9
SHA256: dcd36f6d2b77614dcee4c7f551139ce1a2d25c2f9d0b2f5ff6445f6d7edd86a4
SHA512: 16588033c0b46aad06683c52981ce02a2c5477e3a1080bccc1ee7a7dcef33b5d794f14c7b104410d899bcda1f6fa87346051a18e058f42c394ec9b415686eca0
SSDEEP: 98304:QpjGb0Pg7YgkXMGp2wJncYbqkxEXKJX4478CQikEd6UOr:QpjvTgAlp5Jcwr+aisdQjEQUu
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory