General
-
Target
76310f92a6b1241f7546acaef8c00c8f4461c5b51bbf3fedbfe1f9d162fcd3f2
-
Size
4.2MB
-
Sample
230607-yavszsfa74
-
MD5
71108a6217ea6cb3b1427b0e8085606c
-
SHA1
f0ef2589eed64e72d7e4040913ee748e31447bd9
-
SHA256
76310f92a6b1241f7546acaef8c00c8f4461c5b51bbf3fedbfe1f9d162fcd3f2
-
SHA512
88fc9b9ff9cb7dd3bf69a15a5145b306010679aeaae2c16b190b4799217d8c57c6921a523314af92fea3597df48cda53ee40a699b56bc4d9904a9d5d91a01873
-
SSDEEP
98304:l7xlQWUQJrx/VpUx5jTm4qCa4aWdF3j0chnIX4rRu:Jxqd9YP+rjRfVu
Static task
static1
Malware Config
Targets
-
-
Target
76310f92a6b1241f7546acaef8c00c8f4461c5b51bbf3fedbfe1f9d162fcd3f2
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-