General
Target: cf6b30f1d998074487f24f35bb9e953b3717591f72b1f2eeb5a33033a7cd3805
Size: 4.2MB
Sample: 230607-pw1rpaae86
MD5: bfc7b6d24e033554deecd6a1ab0914e0
SHA1: 99926068e058be851570627b753818b0912418e8
SHA256: cf6b30f1d998074487f24f35bb9e953b3717591f72b1f2eeb5a33033a7cd3805
SHA512: 7f6d7c440d9af6ca9eb42516a19f833f8482f502a0570513bb2d88330022d0f8762e49220b61cee99214ec5926d227d2345a7c3252efcbe0365ada397eb69f2f
SSDEEP: 98304:75utYctoVARBg2MaaK1g5FJFgQb/OdplY5OuY4di3MrYa:742GQAvSM1iXFgQUplwOP4IMrYa
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory