General
Target: 98f626cfb1f2a1c487c166ad5336153a499b5bba8e3d11c0f041915b6d8439ff
Size: 4.2MB
Sample: 230607-j6vqjahg8y
MD5: ca422b141ebc6fe44f78609da5c1fe45
SHA1: f404ffedba69183ef3a5ef887d905c1e60d9fc89
SHA256: 98f626cfb1f2a1c487c166ad5336153a499b5bba8e3d11c0f041915b6d8439ff
SHA512: 049ed9c9eaffd8dc802a9df36946266bd5da2a81d7dfa61755ab95abc2f05e10f4a5744ecf37623e0e79dd6f90560d3963210d45d550a5647142a35402bbb027
SSDEEP: 98304:tDpOZQJuC/XgnbxpPY15ehxqRDcyHzCkKrqxPLEPecklCySdV5:tDouuEXgnbxu1wiRDvT8rqBsQCySdT
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory