General
-
Target
7a121882987ead3131eceae53a51138809cb1190fda66310eab4d67a7fac36bd
-
Size
4.2MB
-
Sample
230607-pykhgsbb3t
-
MD5
ae2754e4ca5cd944a95efe80dc903531
-
SHA1
35029bc315dd79314cebde11a3272cf5319abf54
-
SHA256
7a121882987ead3131eceae53a51138809cb1190fda66310eab4d67a7fac36bd
-
SHA512
41f0b1148d12b895385114ce1537cff98643455d00877aae67dd964721524c9503708da03a92088cd0546d270f865671f8cf298d5f0ac207568260f77ad9e642
-
SSDEEP
98304:75utYctoVARBg2MaaK1g5FJFgQb/OdplY5OuY4di3MrYe:742GQAvSM1iXFgQUplwOP4IMrYe
Static task
static1
Malware Config
Targets
-
Target
7a121882987ead3131eceae53a51138809cb1190fda66310eab4d67a7fac36bd
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-