General
Target: 1cc8df3c64e1a8d8e595a6e5613ae4474df8b2e0a22496c6f856850bc65dc780
Size: 4.1MB
Sample: 230607-y2mxfsfe39
MD5: 69689251d4eca129ed7a3f8a2cf34afd
SHA1: 6da316b0ee67ca01834764b32f4738f69ce01113
SHA256: 1cc8df3c64e1a8d8e595a6e5613ae4474df8b2e0a22496c6f856850bc65dc780
SHA512: 4c958d09cc2ed5f931115b62b1c3e588beac5d111657d0c344b2d0ff883412090e86dbd6d640165ea14aaf593578ccb8986cf29807fb56ba8f41746f61afae07
SSDEEP: 98304:XV0kmJ+lypSNjdXPFOPJebab0px9wmc+n8YxrkbK2edAQcAW:9BUUNjSheOR48v+9dAMW
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory