General
Target: c2e12794ead01093a84a7dd920b3d4eb73ee69b5f661d94ee0083fc83befb55d
Size: 4.2MB
Sample: 230607-f1almagh77
MD5: b95762e01b306b9b4f4d63c57312d4e1
SHA1: 0ae9df5dc47578bcac281b8a8bea2f86ddfe5612
SHA256: c2e12794ead01093a84a7dd920b3d4eb73ee69b5f661d94ee0083fc83befb55d
SHA512: 9164d2ecb862a310c219e14e4c8dac0f105b009b5ff6b411122540e952f0a55c05126592d21460d9ee52f8064e472b562bffbb7819fcb9dc9f436e32f2b449f3
SSDEEP: 98304:EV3QELaGwo1qDyz+mxXMY+SZa6ZKRD/StVVtijF8VdcthmE:EVgExzqDGjFZxZyR8VVMiAthD
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-