General
-
Target
fe4d02dac0095ed31d2e5ba8cbe94770020819c675a343a5e39cbb8c9dff015b
-
Size
4.2MB
-
Sample
230607-mb3dnsab7y
-
MD5
d281eba56c714496ad2f600ec4ab28db
-
SHA1
8306c2297da68cee59250df2cbae68dcd0321772
-
SHA256
fe4d02dac0095ed31d2e5ba8cbe94770020819c675a343a5e39cbb8c9dff015b
-
SHA512
fdf67fe88c3e1854529b2eaaf2e2f547370247cf50e95d7585a5c6fa39f4fb931c03f682d5c229aa29e41f4fc951105403867c5b5100d045ff119ef92c001443
-
SSDEEP
98304:vxwPu98IQXpACiy6CclaxsM3CJSQ1+gsp/1AQGn9j4:5wPu98IQXaCBwa/CJH+gsdOF98
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-