General
-
Target
b2dca0ec6e31924ca9f64477a2e9a2bdd01df5a46b064b76e6f40b9cdb8e742b
-
Size
4.1MB
-
Sample
230607-3kf5sshg4s
-
MD5
c2f75f5038626ca5c2b244cc27a5ae57
-
SHA1
9e31b6cf4efb8cd49fd696de81c4d5e6b27a3705
-
SHA256
b2dca0ec6e31924ca9f64477a2e9a2bdd01df5a46b064b76e6f40b9cdb8e742b
-
SHA512
b1268f12cf3c87086982b035429bc65753ac0a0f4a089d9e007a1c7f15246aa0acbd8df0c82b6a852fe4c27642d8a861350c741270aa8019bb859262c10e449c
-
SSDEEP
98304:/BN1RAFSgRiVCpISJpdcmes/cLo8j85qRy/lobOo38dN:FWKCpI4pdFo5Hy/loNsH
Static task
static1
Malware Config
Targets
-
-
Target
b2dca0ec6e31924ca9f64477a2e9a2bdd01df5a46b064b76e6f40b9cdb8e742b
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-