General
-
Target
39553572d976ea892c32b2ec23d923e5511625412d7e25a975ad87081d6b8bf1
-
Size
4.2MB
-
Sample
230607-jvk2yshg5x
-
MD5
893012beb01fa5b83baa01304f252420
-
SHA1
2a5ce4b5f936c8dd64b87297a420009241bceb3a
-
SHA256
39553572d976ea892c32b2ec23d923e5511625412d7e25a975ad87081d6b8bf1
-
SHA512
456910bc5f387ad89184261e4dab6d24839e463f73ebf4467838e524b1da95b66fa02b600f6cac37c14f028947994a3ed92d708067f97b5e22ec231bbb1884c2
-
SSDEEP
98304:dDpOZQJuC/XgnbxpPY15ehxqRDcyHzCkKrqxPLEPecklCySdVa:dDouuEXgnbxu1wiRDvT8rqBsQCySdk
Static task
static1
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-