General
- Target: 0f5eae90ad0fdd13a2fd418b298816166344f4446e0c5bd45b2ed784c8996e74
- Size: 4.2MB
- Sample: 230607-jtztqahg5w
- MD5: 8d4803509899ed55b8aa37c0101ed508
- SHA1: 2933a04b525c2a7ba110c97101841a350b021f72
- SHA256: 0f5eae90ad0fdd13a2fd418b298816166344f4446e0c5bd45b2ed784c8996e74
- SHA512: 2dd8a1b3d25d0e1bb8418108b772428a713d03bafce4a9067403694ad13f7428580aece750875d151bcb2f6e41d76b8694d39b2ada7ceb3c1934ec74ed2cc79a
- SSDEEP: 98304:dDpOZQJuC/XgnbxpPY15ehxqRDcyHzCkKrqxPLEPecklCySdVS:dDouuEXgnbxu1wiRDvT8rqBsQCySdQ
Static task
static1
Malware Config
Targets
- Target: 0f5eae90ad0fdd13a2fd418b298816166344f4446e0c5bd45b2ed784c8996e74
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory