General
-
Target
c75bc7080a9f60cf3031974e3896680955e839b4a31e7a38a381fef38d3edf5d
-
Size
4.2MB
-
Sample
230607-l54yxshe79
-
MD5
25d863d3cb96fc35b27286407e338102
-
SHA1
b71b13cb164f3356c5ffe45a417d946c145f73af
-
SHA256
c75bc7080a9f60cf3031974e3896680955e839b4a31e7a38a381fef38d3edf5d
-
SHA512
3bd00a6d734d8ea3a0bb8db72dffc00383b1adcdb965d82e6d6e3b279c498e9c0144d5f640fa09525ecc6f4d3e78193830c0bf33d57c7b10f6d96e20ab4dfeb8
-
SSDEEP
98304:vxwPu98IQXpACiy6CclaxsM3CJSQ1+gsp/1AQGn9j3:5wPu98IQXaCBwa/CJH+gsdOF9L
Static task
static1
Malware Config
Targets
-
Target
c75bc7080a9f60cf3031974e3896680955e839b4a31e7a38a381fef38d3edf5d
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-