General
Target: 50cab798cf8c26ecc53d7bf82945ec0d867f40226153ca9f88324bf7475f978e
Size: 4.2MB
Sample: 230606-s6fq2sed83
MD5: 7f12f4324527950f556ec9e95b621c7a
SHA1: b4026e46a4b089708de7d0b10ddb68c2398a819d
SHA256: 50cab798cf8c26ecc53d7bf82945ec0d867f40226153ca9f88324bf7475f978e
SHA512: 2d63336b6f4e2f16f1c8bf24195767cebeae8b9df5895685209087f7ee5faf0098fa5c6fbc04db8773a1d23736313a511b67bfc52908afa4402fbaa4c466bdc6
SSDEEP: 98304:CwD61FoiFrV4uHNu/sjTzLLpvUtDefKLGgjrGTOuAY9606:Ct1FoixHNu/sj/LLpMtLbbule
Static task
static1
Malware Config
Targets
Target: 50cab798cf8c26ecc53d7bf82945ec0d867f40226153ca9f88324bf7475f978e
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory