General
Target: 75dccf21be33fb6ceb1c5b942bc71f9e7c8a0689bf956b9533c9333c298c646c
Size: 4.2MB
Sample: 230607-l2ql5aab4v
MD5: 991739dfaff5832b721e9c7acab1db9a
SHA1: d5b03789569d6f8cdc0cd9bea00347f5eb7ae2a9
SHA256: 75dccf21be33fb6ceb1c5b942bc71f9e7c8a0689bf956b9533c9333c298c646c
SHA512: 307625130036db697d1af28f02679a228a777bfed7e02ee16cdf761ba97c8099ebb34cf1bbf695dbf85099df022dbc0847f5eb17d8e8338122abf09b2abfe944
SSDEEP: 98304:+dEol8irRkCGmAYaU1vro2lE6c40dn6DSM/RTS0A/0:+dNlhM1YazR6cRdDMJS5/0
Static task
static1
Malware Config
Targets
-
-
Target
75dccf21be33fb6ceb1c5b942bc71f9e7c8a0689bf956b9533c9333c298c646c
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory