General
-
Target
6779fef33a976fbeed185868206a253fadba4513a6b951f6c7d9c951c29b3d19
-
Size
4.2MB
-
Sample
230607-fagl9ahd6z
-
MD5
d00eb119346298effa8ee742cddf71e6
-
SHA1
cc1ef61937ffbe0b0202adf41b23650a055be6cc
-
SHA256
6779fef33a976fbeed185868206a253fadba4513a6b951f6c7d9c951c29b3d19
-
SHA512
137e2d761f64bcc7287a82315834b866fd5b2c40e1c7dbf06ba8167074e950f79998295f166b25f8721d55f1cb983a6aab79d59e580baee78a6726b4932cc6fb
-
SSDEEP
98304:GwxLTHiVfND5jI8y46oyWY2H3chRPWTrgRgGL/Yh55yv:GwxHode46pGHKwrgacy50
Static task
static1
Malware Config
Targets
-
-
Target
6779fef33a976fbeed185868206a253fadba4513a6b951f6c7d9c951c29b3d19
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-