General
-
Target
275171848171b706ccd302ba321839a3ac724d615b9b48277d844578fdac7221
-
Size
4.2MB
-
Sample
230606-vyak6sfd2t
-
MD5
120e0d06f0e9c22a30fecab7443cb92f
-
SHA1
b83ed1e6bb44d68b1e7b4011184ab6cbc4ef9707
-
SHA256
275171848171b706ccd302ba321839a3ac724d615b9b48277d844578fdac7221
-
SHA512
04f2d656c7989e0538c5baf9312e9bec9877fd5363e86bc9c567ccb77cba9958c3b51323c42d49696e759ab2c3812bca9926a0e070ed79f7a222e08280c92d00
-
SSDEEP
98304:NZWb6LD0a8dfSnswbp9eN1HIelZhKeDO/efdW8UMpwvziYHL9SED:N0YD0agSnT/eN1oel3HO1t
Static task
static1
Malware Config
Targets
-
-
Target
275171848171b706ccd302ba321839a3ac724d615b9b48277d844578fdac7221
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-