General
-
Target
1e04f6fb0de2fd6c80036c7d213f6c63b6a718fd0540e53e335e735e9a098896
-
Size
4.2MB
-
Sample
230607-fhegvsgh53
-
MD5
9b7d8006f6a9443ddba51a9d83dd8a45
-
SHA1
ce30d598ae797e6d00fd011c1813cb64a32d47ab
-
SHA256
1e04f6fb0de2fd6c80036c7d213f6c63b6a718fd0540e53e335e735e9a098896
-
SHA512
7e1229631f6c5196fe3bdf1079714f0e634bbf2f8da53f82cc4169928fca32925a715c14aa45c8993f74030273dd2c7310224a426b9655ee5a57980d73373625
-
SSDEEP
98304:GwxLTHiVfND5jI8y46oyWY2H3chRPWTrgRgGL/Yh55yJ:GwxHode46pGHKwrgacy5q
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-