General
Target: 644517605176e7ee5e282781fe1f5410390e84616f51ac46f069843e461f2c00
Size: 4.2MB
Sample: 230607-jve6pshb72
MD5: cf21c23a17da5e77d5922ce95efe7401
SHA1: 492e00c3dddea4481b4c20b9807fe3372e88355c
SHA256: 644517605176e7ee5e282781fe1f5410390e84616f51ac46f069843e461f2c00
SHA512: 987f7d11687af830f16cf4669614f910b3abd7968d168153db622677f5d2d3ab6b5c165816acb41e2f37657d84f1e7b0950287ff6a5de24018267154edaf734a
SSDEEP: 98304:lDpOZQJuC/XgnbxpPY15ehxqRDcyHzCkKrqxPLEPecklCySdVn:lDouuEXgnbxu1wiRDvT8rqBsQCySdx
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory