General
Target: 499919fa5c0f6d2c15d49cd5614ddd95da48cb14f7769e451aef4fc5fe910506
Size: 4.2MB
Sample: 230607-f18hnahe3x
MD5: 33c8b17e334ceca63a94bc3d6cce9e99
SHA1: fc6e5ba075c2b0138f42fff8ed126abccf920f82
SHA256: 499919fa5c0f6d2c15d49cd5614ddd95da48cb14f7769e451aef4fc5fe910506
SHA512: 5d820012e90f1120bfed12240e55a6bda0bb7650f9614e9f2acf6306e9541be7a80ab690754acaf92d9da3a714b029842d375102f0174a1bfbbf214c2ad4499f
SSDEEP: 98304:MV3QELaGwo1qDyz+mxXMY+SZa6ZKRD/StVVtijF8VdcthmA:MVgExzqDGjFZxZyR8VVMiAthP
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-