General
-
Target
e1257b84640857d9ca69f0e5c3ed157a09d5b423cccb527b133af311738ac0e3
-
Size
4.2MB
-
Sample
230607-v2kkjseb5t
-
MD5
7f51ce5cf17da3e810f4a234a42cc650
-
SHA1
68b80cfeccd29226a75edea4e52f8f1ed6f538b1
-
SHA256
e1257b84640857d9ca69f0e5c3ed157a09d5b423cccb527b133af311738ac0e3
-
SHA512
3d9caacfc1a5ee323b2cada28b24749ed20d64caacc5c495764e3240da41dbb5c003e473f87a0ba47d696ccbb69c610565a38ca2a48b3b86fc39f488bb47b760
-
SSDEEP
98304:zPc9FcYO05ihGHS9WSnwj8q/RLdadqz/Y0RFELZvszSl:Tc3EciILSnqdBdamY0RyeWl
Static task
static1
Malware Config
Targets
-
-
Target
e1257b84640857d9ca69f0e5c3ed157a09d5b423cccb527b133af311738ac0e3
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-