General
Target: f724883f0bd290ca39635a8d2999f26fbee001c5ee355abc096d7e01fd944d68
Size: 4.2MB
Sample: 230606-y2ntraga8v
MD5: f5a2ac0b391d0cc4368fa5acf89d12e8
SHA1: a5e2872efd6bdf30d5b7226d4401610c4c2ef15a
SHA256: f724883f0bd290ca39635a8d2999f26fbee001c5ee355abc096d7e01fd944d68
SHA512: e90b83e153ec170cd98fa8371200a5dee3684807be6cbb7f2aa368ffde4fad66743bd693a75059d867555dcc7e3a88e531280cb1ff0e661ae4cae4e34d62a6be
SSDEEP: 98304:+Uo9FY7WfUngDNq1VwUR/NPDfiCH7lCBzt8qg:Dgy7Wf4ZXwUFNrqw4pt8H
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory