General
-
Target
af5adb06ac4e3ae4b1327b1613fa01afa7f1526ee03debd99a01cf4f1cbdd3a5
-
Size
4.2MB
-
Sample
230606-tba3rafa8v
-
MD5
ef6f302123fe3815747db077a99739b8
-
SHA1
bf4ed9c6c8518a81b31bca21d06c3b429ca7f0a1
-
SHA256
af5adb06ac4e3ae4b1327b1613fa01afa7f1526ee03debd99a01cf4f1cbdd3a5
-
SHA512
fd9b03136ca08cc4807f862af7a793d30fa699a6548f9612f169d3c87f8e3fc74583e906eaf29863590b5ed9a0093c342fcfdef752547228806d9b9f6147240b
-
SSDEEP
98304:awD61FoiFrV4uHNu/sjTzLLpvUtDefKLGgjrGTOuAY96U:at1FoixHNu/sj/LLpMtLbbulz
Static task
static1
Malware Config
Targets
-
Target
af5adb06ac4e3ae4b1327b1613fa01afa7f1526ee03debd99a01cf4f1cbdd3a5
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-