General
Target: a9a362e35e463e8bdf0045fb23227af07a9ae8e922727c886789e6e725cdc2e8
Size: 4.2MB
Sample: 230607-jxmcsshg6y
MD5: 5f142d24a45cd01843194a9f18832dff
SHA1: 27afb6858071232930021736b38fc7936d2fdc87
SHA256: a9a362e35e463e8bdf0045fb23227af07a9ae8e922727c886789e6e725cdc2e8
SHA512: 9413f8c744bd014ef827dbee04e101073dba4b6742cb416f65d108fcdfabbee2c3f0d7e1f26cdd0675de02a736ffd53dae1fdd60079a1c7c9fa5c6308ee9a7c5
SSDEEP: 98304:dDpOZQJuC/XgnbxpPY15ehxqRDcyHzCkKrqxPLEPecklCySdV8B:dDouuEXgnbxu1wiRDvT8rqBsQCySdiB
Static task
static1
Malware Config
Targets
-
-
Target
a9a362e35e463e8bdf0045fb23227af07a9ae8e922727c886789e6e725cdc2e8
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-