General
-
Target
0360445d03b244d7507f9136306acd554227ac215d94ff51608e1a13b4d3996e
-
Size
4.2MB
-
Sample
230607-l7km3aab5y
-
MD5
43a7a0de4839bc215ad10f2aa5d33cdd
-
SHA1
3033feac15f04dc6df99cb57eb46114dc9a5c381
-
SHA256
0360445d03b244d7507f9136306acd554227ac215d94ff51608e1a13b4d3996e
-
SHA512
919926dfbb6620d9427f4eb4b8427f904f07be5c888941fbbd0ea98d434eff64e87690dafd43e9979b322441ef8601a4168b6bd49cee06f88a9cac413bfa9dac
-
SSDEEP
98304:nxwPu98IQXpACiy6CclaxsM3CJSQ1+gsp/1AQGn9j8:xwPu98IQXaCBwa/CJH+gsdOF9w
Static task
static1
Malware Config
Targets
-
-
Target
0360445d03b244d7507f9136306acd554227ac215d94ff51608e1a13b4d3996e
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-