General
- Target: 12f4030637ac27288ccef8f5a02dac9a0ac4b51406d05fe83d23639d32875204
- Size: 4.2MB
- Sample: 230607-jv38jahg5y
- MD5: 18b9b69a235250a40d8f576f95bc06f0
- SHA1: e731674a1327acb926c527a1acbe4822446caabd
- SHA256: 12f4030637ac27288ccef8f5a02dac9a0ac4b51406d05fe83d23639d32875204
- SHA512: cfc8353d996645f1ecd703c2a14f878d10da27ea2472b45fd0a5ceb79728d9a715a3cf93eba20c8ecf70ed52050e2e7454e2a0661bd52fbd8e1c9fa693472720
- SSDEEP: 98304:dDpOZQJuC/XgnbxpPY15ehxqRDcyHzCkKrqxPLEPecklCySdVY:dDouuEXgnbxu1wiRDvT8rqBsQCySde
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory