General
-
Target
72a79ffccc1970d24b9daf5a40b00693d487cd66d33018f0cb049af1b66efdbb
-
Size
4.1MB
-
Sample
230607-3r53hahh2y
-
MD5
9a9dc54b799ace465b77c166422cce89
-
SHA1
bc5caf7ae43f02fae28b7f011225307952a6c29b
-
SHA256
72a79ffccc1970d24b9daf5a40b00693d487cd66d33018f0cb049af1b66efdbb
-
SHA512
ec8ea8da58f2972f5dbd03a308aa6708d0508d13714e093971e41c8e6b7a3af0bd7be22444b5167838bc84b191d7439738db698e0d229149842596efa4367cde
-
SSDEEP
98304:vBN1RAFSgRiVCpISJpdcmes/cLo8j85qRy/lobOo38dy:VWKCpI4pdFo5Hy/loNsU
Static task
static1
Malware Config
Targets
-
-
Target
72a79ffccc1970d24b9daf5a40b00693d487cd66d33018f0cb049af1b66efdbb
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory