General
-
Target
ab191a177fefdce19b54cecabf760c92955595bdbbb18efaf73e01c60f1f1d3a
-
Size
4.2MB
-
Sample
230606-vvjpnsfc9s
-
MD5
e2bd07c3657d4c22c63a3323ceaba1a6
-
SHA1
15847f4cf3a74478a17157a9e855a468faedd6fd
-
SHA256
ab191a177fefdce19b54cecabf760c92955595bdbbb18efaf73e01c60f1f1d3a
-
SHA512
5cb6d54d1585885e7992d7ea1db69af416f444a0acaf26a09b85abd1c4d07db2007ff9a90236588389b56e621b3fdf20218bbdb1133f37e7ec059c4c085aa318
-
SSDEEP
98304:lZWb6LD0a8dfSnswbp9eN1HIelZhKeDO/efdW8UMpwvziYHL9SE6:l0YD0agSnT/eN1oel3HO1g
Static task
static1
Malware Config
Targets
-
-
Target
ab191a177fefdce19b54cecabf760c92955595bdbbb18efaf73e01c60f1f1d3a
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-