General
-
Target
100a115e22ae5ace03ab53365af04cd0ebbe5b26766db1ed71628e972b017022
-
Size
4.2MB
-
Sample
230607-a6a7fsgc24
-
MD5
4690fe5772fd9e2699164057a6c16312
-
SHA1
4706aa70211dd2c26a76663c0ae024c639458fae
-
SHA256
100a115e22ae5ace03ab53365af04cd0ebbe5b26766db1ed71628e972b017022
-
SHA512
126f11bff4f9aab5c24b0d2e67898467b4b65bac236cf345697b45ddf7fcda7ea38e7ba265d9767e058ce10a6ae5406817a5c8092d787969c0d054ca6cfea36a
-
SSDEEP
98304:kfj1qqJsKF48d0lq1tWEW7hhcbSAW+/YMXAe530ShV2WySKX:o9a8dPCj3cbSm55002b/X
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-