General
-
Target
a3a09295c887a3d556b2339bf3893af1a1133799ee048c610fb4031af6185dc4
-
Size
4.2MB
-
Sample
230607-pwq79aae79
-
MD5
cd8e02f7fdb85c6c374cbad80f8d5828
-
SHA1
241033a4f60d76734fef911c1e33868bffcd0c19
-
SHA256
a3a09295c887a3d556b2339bf3893af1a1133799ee048c610fb4031af6185dc4
-
SHA512
9c2cae6099be297e62e1f5f5081e6b03bf8f510f7a775a889f173aeea8f3941e5bf9794bfa13b12a898825fab0e84dad6e7178155de1be82662b764ffa1e0cd7
-
SSDEEP
98304:75utYctoVARBg2MaaK1g5FJFgQb/OdplY5OuY4di3MrY0:742GQAvSM1iXFgQUplwOP4IMrY0
Static task
static1
Malware Config
Targets
-
-
Target
a3a09295c887a3d556b2339bf3893af1a1133799ee048c610fb4031af6185dc4
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-