General
Target: 7b0d6019679894863cf64be1fbc01bebdfa15d0c19ecce8e5900007f25d7610b
Size: 4.2MB
Sample: 230607-vd64msdb83
MD5: 710fd0e5302cf4f44e9a5745cf4c9db4
SHA1: e1dab653c181a3146b78e71be1b1d6d31ec94c65
SHA256: 7b0d6019679894863cf64be1fbc01bebdfa15d0c19ecce8e5900007f25d7610b
SHA512: d948f83f477ce4303c038268dcac71ee6569513a29691ab1b68afdc1a78018f1a5c577ccedfb157cbafb0683addcc6d9fcd36afafd3ec6e95c2fb3adef760db6
SSDEEP: 98304:7Pc9FcYO05ihGHS9WSnwj8q/RLdadqz/Y0RFELZvszSv:rc3EciILSnqdBdamY0RyeWv
Static task: static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory