General
-
Target
c3fbf531176436d05ad6b8b7cdf00a5b6c0f45e7c4b8af6c85829d172e14f1f6
-
Size
4.2MB
-
Sample
230607-pnw4jaad74
-
MD5
6e2214b4dc89fd5b15cd54d13208fe2f
-
SHA1
ce6b22eb779091c8bf1da50885c51cd911dcf7d0
-
SHA256
c3fbf531176436d05ad6b8b7cdf00a5b6c0f45e7c4b8af6c85829d172e14f1f6
-
SHA512
490e154f78bf82bebd4ca8581a8cbbfef75836560bc42be099e4acf588d5b18751a6bab91dc1c6b6d6614bd9cc4f4c969e60faf3be430ecf114ead850846ca10
-
SSDEEP
98304:3+ryqTX39hhVlc5LB/2OriIoNKDqzuQVp20mFybyz:3+fntQLB/2OfoNK2tmN
Static task
static1
Malware Config
Targets
-
-
Target
c3fbf531176436d05ad6b8b7cdf00a5b6c0f45e7c4b8af6c85829d172e14f1f6
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-