General
-
Target
751e7cede6ec4e8349556a9bc04ba36d00a7f4cc7aef1cf99277736484665e01
-
Size
4.2MB
-
Sample
230607-pwxp2aae84
-
MD5
ed03c9d14b033d20fcb5d72a54aa8bff
-
SHA1
c0da7141930114ecbb352fc863a0a1a9539a6519
-
SHA256
751e7cede6ec4e8349556a9bc04ba36d00a7f4cc7aef1cf99277736484665e01
-
SHA512
3c4c56cebf17bef512bc45342c90593eb9683985d29702739172668db68c3fd34c65e4831802054317e6323ad5ca8234a2e12601c4983fc752d796e7faf7c934
-
SSDEEP
98304:z5utYctoVARBg2MaaK1g5FJFgQb/OdplY5OuY4di3MrYM:z42GQAvSM1iXFgQUplwOP4IMrYM
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-