General
Target: 28c9f359048866a09d47e7af54929b71f1036e14a03bc137768118cab7a79ab1
Size: 4.1MB
Sample: 230607-3zk3asaa2s
MD5: fc9774ac68cefbf8c3d89f44e1ecb0d0
SHA1: 66c885cdf03a50c8a18a925d11500eb50145bd00
SHA256: 28c9f359048866a09d47e7af54929b71f1036e14a03bc137768118cab7a79ab1
SHA512: 64a3dd1945e94ec4d4acf203652af9e185df57ea15a202a1974f272e33507986a77a39d52027ca630c15849372f3868b6e16fd9f4d8234690b9de63a0d5d8d1b
SSDEEP: 98304:X8GtT7KONvb9Pix2XoCrEsQYjOARBWTRZ/y7nROO:XHBTb9PiwXZgsnFBYRZ/kYO
Static task: static1
Malware Config
Targets
Target: 28c9f359048866a09d47e7af54929b71f1036e14a03bc137768118cab7a79ab1
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory