General
Target: 51567301eda5293a0d63c7d7be19c2451b902bf29b5327d8c08ff7a27d3d5186
Size: 4.2MB
Sample: 230607-mpngnsac3w
MD5: bb0c8314ce4983cae8f0e477680131f9
SHA1: 3e67c28f643b059a54894d6bc960edae6034c1ac
SHA256: 51567301eda5293a0d63c7d7be19c2451b902bf29b5327d8c08ff7a27d3d5186
SHA512: 00d44d6ce5a5513cf2471fbbe9a851c046644ca548ab3607a27b4abeb4c491b1eead1307a11f929652141a46e219216a1d19bbdcb553d226a915e4eb0e44764c
SSDEEP: 98304:17cjpnWTod4g2pxfbBxBg9mIiQMFSS/eeWhT:l4pnQn9xB8w/epx
Static task
static1
Malware Config
Targets
Target: 51567301eda5293a0d63c7d7be19c2451b902bf29b5327d8c08ff7a27d3d5186
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory