General
Target: 65c1f69ecd06e70c6cc3e69d3a6261229ebac40faf76d3755c1885030849474f
Size: 4.2MB
Sample: 230607-fr8r3agh68
MD5: 00dd5169cd5a2068895f89085f13b874
SHA1: d5dc714621d52f7cc2a70eb4f97f5cc816d2f9a7
SHA256: 65c1f69ecd06e70c6cc3e69d3a6261229ebac40faf76d3755c1885030849474f
SHA512: 95b2db84a4e34121dd1bd3133028e02ba20738fc19d88b53a74103985a8be42b0b0f2b602cf14292183916c441a08ad0344344496154246dc975053a5e035840
SSDEEP: 98304:EV3QELaGwo1qDyz+mxXMY+SZa6ZKRD/StVVtijF8Vdcthmj:EVgExzqDGjFZxZyR8VVMiAth0
Static task
static1
Malware Config
Targets
Target: 65c1f69ecd06e70c6cc3e69d3a6261229ebac40faf76d3755c1885030849474f
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory