General
Target: 8308179514d386fba1356aa4459f46f925d4a5b9a6f36733154d183c0780ac93
Size: 4.2MB
Sample: 230607-vn5nkadh9v
MD5: 1d5c8c5f65ece8bd6c534c2a4dab103f
SHA1: cb982786f558208767bc171a4c3b718b0db0ce3f
SHA256: 8308179514d386fba1356aa4459f46f925d4a5b9a6f36733154d183c0780ac93
SHA512: 92d814721e2a699ca50dc2a8da642d9f405c09efb7731103624eaede318b46f4803e8501aa8437b70040a8da10b97b81d64023c0111b03339a5c96f7c2c665ae
SSDEEP: 98304:rPc9FcYO05ihGHS9WSnwj8q/RLdadqz/Y0RFELZvszSs:7c3EciILSnqdBdamY0RyeWs
Static task
static1
Malware Config
Targets
-
-
Target
8308179514d386fba1356aa4459f46f925d4a5b9a6f36733154d183c0780ac93
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-