General
-
Target
64b5b50e0d4eca9666f5069c0bb73bc9eefac9822c6de859b2c3d5a3cb02b8a2
-
Size
4.2MB
-
Sample
230607-flxslshd9y
-
MD5
57df49d01fe9dec1ccade1408989ab77
-
SHA1
b6d82b50e0ab2fc45b4e6867edd6f00ec04c32bc
-
SHA256
64b5b50e0d4eca9666f5069c0bb73bc9eefac9822c6de859b2c3d5a3cb02b8a2
-
SHA512
bfaf17275a3401a3a1ab090dd04de68cde18c3a77d29699e342ee795f5c1fb625512d05609b091dce2784002ad7f5e93897b9d31122c576f78c3933f4e033af8
-
SSDEEP
98304:EV3QELaGwo1qDyz+mxXMY+SZa6ZKRD/StVVtijF8Vdcthmj:EVgExzqDGjFZxZyR8VVMiAth8
Static task
static1
Malware Config
Targets
-
-
Target
64b5b50e0d4eca9666f5069c0bb73bc9eefac9822c6de859b2c3d5a3cb02b8a2
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-