General
Target: fca2fc0f05ca0a74c761e19c46e5b788ddc2e10df6f8b28bfca071bc244cfafb
Size: 4.2MB
Sample: 230607-mrtrgaac4t
MD5: aaceb72c8e831fd61fefbcc55f052b2f
SHA1: 62f158b2b241671f138166ab26ad9316a27698a3
SHA256: fca2fc0f05ca0a74c761e19c46e5b788ddc2e10df6f8b28bfca071bc244cfafb
SHA512: 3fd75ad45e852254c7a6b2685d262150ef82a76067d9f6cdb8a88514f8f8abbb947f3653ea30fdf07eec2779fa5009e7dc488c8d74e34f36e81c233dc319aeae
SSDEEP: 98304:F7cjpnWTod4g2pxfbBxBg9mIiQMFSS/eeWh9:V4pnQn9xB8w/epD
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory