General
Target: 5ac73b3789035081fe14ad5beba92b48a0cab2ce0c10970c011e77cdef1662c6
Size: 4.2MB
Sample: 230607-venzfsdb97
MD5: b983ad27fb81f23f5585438be093e576
SHA1: 19c9f0de36ad9f96ae243ba31309625e41547cbf
SHA256: 5ac73b3789035081fe14ad5beba92b48a0cab2ce0c10970c011e77cdef1662c6
SHA512: af17c05583cc66b03cadb6aa1c3d8513389447f444b19059cfa6461be93b8378a8ddc6da83b73ce7663b0bf7995b966a34772923b7e41a195d3fc4df49f0d8e5
SSDEEP: 98304:7Pc9FcYO05ihGHS9WSnwj8q/RLdadqz/Y0RFELZvszSR:rc3EciILSnqdBdamY0RyeWR
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory