General
-
Target
89082b55a12422d8c1d537a554f4d12421a3e40810dd0f40706183d935bfbf42
-
Size
4.2MB
-
Sample
230607-fk8tgsgh59
-
MD5
2af4233dc2ec57928caf38b046cfd21d
-
SHA1
5f32302d79600cfb798a7721de7649045c055c07
-
SHA256
89082b55a12422d8c1d537a554f4d12421a3e40810dd0f40706183d935bfbf42
-
SHA512
5409ea47aa6b7515f1df0a7f42f41009fc2993c6226c19f2396d10f5a66e50bcfd3b375d0d76266280c679295e32b04565d7b00f7a61d9ed87f24afad40f6c1d
-
SSDEEP
98304:MV3QELaGwo1qDyz+mxXMY+SZa6ZKRD/StVVtijF8Vdcthmk:MVgExzqDGjFZxZyR8VVMiAthj
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-