General
-
Target
cd4f6033779c7ca8e2097b7292a0c0a788a7318299c719ebaab2c595bb5f7b61
-
Size
4.2MB
-
Sample
230607-vc4xwsdb53
-
MD5
2bce6ecee50237f3773235f497dbaca7
-
SHA1
ee75cb7c01d773e0e03e5fa9e194f8b2c16ce295
-
SHA256
cd4f6033779c7ca8e2097b7292a0c0a788a7318299c719ebaab2c595bb5f7b61
-
SHA512
4d5a407451cdae7bfb62c91573bd4823b1ffceeebc3bb74e570e2548bf1f1a809a8d86afd82eae3de3765cf63560706ecc1d7cf68e0388b5d13ce15ace1e3f1f
-
SSDEEP
98304:7Pc9FcYO05ihGHS9WSnwj8q/RLdadqz/Y0RFELZvszSj8:rc3EciILSnqdBdamY0RyeWY
Static task
static1
Malware Config
Targets
-
-
Target
cd4f6033779c7ca8e2097b7292a0c0a788a7318299c719ebaab2c595bb5f7b61
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-