General
-
Target
a331b125f34651fcefa44339d8c91e4e33b60e0dd7c77c2b7a758d29ce91cbb8
-
Size
4.2MB
-
Sample
230606-szqyfaec99
-
MD5
24d8b087aadbc0ed99742d4d9b21643f
-
SHA1
21e044604945f018581b65fcd1d9606b57e074a7
-
SHA256
a331b125f34651fcefa44339d8c91e4e33b60e0dd7c77c2b7a758d29ce91cbb8
-
SHA512
01c4c8565b17d54e8ba2903128038eda824abe9126458c86b68fd950f07cb7d59c4a9ad3e68b57d71598b6d159f789489c499ed038bf3780b8f305b0cae8dd4e
-
SSDEEP
98304:CwD61FoiFrV4uHNu/sjTzLLpvUtDefKLGgjrGTOuAY96M:Ct1FoixHNu/sj/LLpMtLbbulj
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-