General
-
Target
c10b33e2fe10196a2aff7a91a6121f77f88d17c46b7c08cad016030863044985
-
Size
4.2MB
-
Sample
230607-pxtd1aae96
-
MD5
96e995f1301844c4f79f769579576731
-
SHA1
958981c830e579362981710a19d483d2d63cdffd
-
SHA256
c10b33e2fe10196a2aff7a91a6121f77f88d17c46b7c08cad016030863044985
-
SHA512
0914eb31518155176d4e764eb6a75a83b8a14b7f01962dddc081d90f0b7585c4a9ab5a24061de186f6e5b46dedd688f77e2c33a763a16d332ae24c6300b5b070
-
SSDEEP
98304:L5utYctoVARBg2MaaK1g5FJFgQb/OdplY5OuY4di3MrYq:L42GQAvSM1iXFgQUplwOP4IMrYq
Static task
static1
Malware Config
Targets
-
Target
c10b33e2fe10196a2aff7a91a6121f77f88d17c46b7c08cad016030863044985
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory