General
Target: ce68b751deaf2a2348603d17b574e4ed6401591a6efa3d3199f2b6639afcb359
Size: 4.2MB
Sample: 230607-vxll2sde44
MD5: c78d51dab9e8c9bb7330450202c70b92
SHA1: 39a40466d82b732fd2a68ac9adc891af41ebc8fd
SHA256: ce68b751deaf2a2348603d17b574e4ed6401591a6efa3d3199f2b6639afcb359
SHA512: 4a9667155bb597d776b0d559cb61401dbe49535b238e3a7292ddd04217fa22ac8ab145e5f0df7f157edbdee9254499e44ba0df7eea81e1c9f00ad3e85a884e3e
SSDEEP: 98304:rPc9FcYO05ihGHS9WSnwj8q/RLdadqz/Y0RFELZvszS/:7c3EciILSnqdBdamY0RyeW/
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory