General
-
Target
279cd6f59d9c2097dc0fdd062dc1faf0999bf75938152a0b8b79ca5e19f6afa0
-
Size
4.2MB
-
Sample
230606-v1j8dseg57
-
MD5
1f366497e1e71d6564e339c07a0beefe
-
SHA1
d6553988447e770760de7d81fd93932375e54f74
-
SHA256
279cd6f59d9c2097dc0fdd062dc1faf0999bf75938152a0b8b79ca5e19f6afa0
-
SHA512
ee8b3b8e19634404521bd297d57a0e4d5e568389adc6b1cd4bd2e0eb37f67b4293f0eded46228c7e7376fd07ad0d502e6154fece47b00e7eb3b03a8abd20cdc0
-
SSDEEP
98304:1ZWb6LD0a8dfSnswbp9eN1HIelZhKeDO/efdW8UMpwvziYHL9SEE:10YD0agSnT/eN1oel3HO1S
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-