General
Target: 4dde2ef7c46b814540d94c94f1a3546c8bfe1795494b7e5cf14583c536a0ff23
Size: 4.2MB
Sample: 230607-p8rpjsbc3z
MD5: 30f61d25c72007f9101134e92bc701a1
SHA1: f78488e93a85239cd075468305e7c71070a83a58
SHA256: 4dde2ef7c46b814540d94c94f1a3546c8bfe1795494b7e5cf14583c536a0ff23
SHA512: c56f2fb086d2a984b5b1d6d0e8940658cbded585bb261c704434e092df4696dda14c0de06542eba75d97826fb01c38f3af49b77b2f802f615682ded1c4d4fe5d
SSDEEP: 98304:75utYctoVARBg2MaaK1g5FJFgQb/OdplY5OuY4di3MrYn:742GQAvSM1iXFgQUplwOP4IMrYn
Static task
static1
Malware Config
Targets
Target: 4dde2ef7c46b814540d94c94f1a3546c8bfe1795494b7e5cf14583c536a0ff23
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory