General
-
Target
52ff6a2fbeec4904f67f9436a8b2268e6da7f0edee3eccc499570a1ea190e22b
-
Size
4.2MB
-
Sample
230607-p1fmbabb4z
-
MD5
1a5a6d8912150e807a779b50c98af5c9
-
SHA1
b926db267a8ebf82a6be77fd996fecf13c46011a
-
SHA256
52ff6a2fbeec4904f67f9436a8b2268e6da7f0edee3eccc499570a1ea190e22b
-
SHA512
61d429b494a9f69c306fff07f85805443713593b561a6e17bceaf81f7b22c66064d3556dd85913d5e4753d7ea39b12f0cb1c80b04c3faaad72f8bf2847fbbf93
-
SSDEEP
98304:r5utYctoVARBg2MaaK1g5FJFgQb/OdplY5OuY4di3MrY2:r42GQAvSM1iXFgQUplwOP4IMrY2
Static task
static1
Malware Config
Targets
-
Target
52ff6a2fbeec4904f67f9436a8b2268e6da7f0edee3eccc499570a1ea190e22b
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-