General
- Target: 9c0b9c41b568d096db370322fa10e6d0ad7afad7f9a7478744cad7b5d9b30f0b
- Size: 4.2MB
- Sample: 230607-avv3gsgg3t
- MD5: 7469c2fd064d6a540c894aa8e2327a39
- SHA1: 2bd3ddf3d9402a65b7225336948a19cd681c48e0
- SHA256: 9c0b9c41b568d096db370322fa10e6d0ad7afad7f9a7478744cad7b5d9b30f0b
- SHA512: 487254488f16588cb821a0e8327de707a37610bbbbd120d596cb356f60b8e75b9302d029dfc483eef62a7ec95921dae1c66d3e435e2cd75a7326cc0075b868a4
- SSDEEP: 98304:kfj1qqJsKF48d0lq1tWEW7hhcbSAW+/YMXAe530ShV2WySKw:o9a8dPCj3cbSm55002b/w
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory