General
-
Target
c5b14e919b60d424f54d5464d7dc2e5c0265c5858fe7a1aca1a661cb95cb41db
-
Size
4.2MB
-
Sample
230607-vs7nqaea5z
-
MD5
366751691b654ef970d09899a661ecb4
-
SHA1
17c566d0fa0b8f73330d319081c3223664f7d71e
-
SHA256
c5b14e919b60d424f54d5464d7dc2e5c0265c5858fe7a1aca1a661cb95cb41db
-
SHA512
0c751e0dc507b94392d9e9199acce414e7c19b68fd1c1935d496ff34ec2b088d14c1e11862fd82176008e94eccc550fe5f054e50c66cadde54c21df34ebd2ce0
-
SSDEEP
98304:rPc9FcYO05ihGHS9WSnwj8q/RLdadqz/Y0RFELZvszSP:7c3EciILSnqdBdamY0RyeWP
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-