General
- Target: 7506fbcb7aa2fe8d7b68ed8c7effddb0c6ba4705d3dbff2e4b13375595602097
- Size: 4.2MB
- Sample: 230607-fl4wxsgh63
- MD5: 9083b49ce66ac3f35184a4f312d3d9b0
- SHA1: de2ce061ecf04143e8f47ada0285d67c66d656a6
- SHA256: 7506fbcb7aa2fe8d7b68ed8c7effddb0c6ba4705d3dbff2e4b13375595602097
- SHA512: 382ef3db86fc518c2aab60879808247cc7672cf00c8e7e0f7b15189c0debb40cd9f5f744540b51b2c3da417413ab7c0aae0f94ab69a048be0306dab6ad7b4d51
- SSDEEP: 98304:EV3QELaGwo1qDyz+mxXMY+SZa6ZKRD/StVVtijF8Vdcthmm:EVgExzqDGjFZxZyR8VVMiAth9
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory