General
-
Target
fdf43365fdcb09d24bdb9fee335d7ebb39bea91336b43cdcf3fbfc024d4b9e6e
-
Size
4.2MB
-
Sample
230607-ppcfhsah7v
-
MD5
fd859f81db2fbab8845b283b6890ff3b
-
SHA1
edcb945e54bc50da83ebf8e16d53701cae2d4714
-
SHA256
fdf43365fdcb09d24bdb9fee335d7ebb39bea91336b43cdcf3fbfc024d4b9e6e
-
SHA512
c5882373fd9e63212f339d573f4c82154964f85ffdaf84f8b28490b3af38a6b4bd875d2df0b31cc27a21f736d061acf32df70dfaeee5236fa8e769c27fbb8251
-
SSDEEP
98304:3+ryqTX39hhVlc5LB/2OriIoNKDqzuQVp20mFybyM:3+fntQLB/2OfoNK2tm2
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-