General
Target: 6d8572814f7202696b984beba31a573226020b658522cb2429156ea4b07a8960
Size: 4.2MB
Sample: 230607-ye8kmsff8s
MD5: c984bf9bb0d65804b93149ea27ab76af
SHA1: b3bd788c92be1f336e9590731d63bec71801c54c
SHA256: 6d8572814f7202696b984beba31a573226020b658522cb2429156ea4b07a8960
SHA512: c15c26623c7d61a473306107379027e927210abbe8fa363dd40bf314d96fdd579ecdf2a9d7a37e92a6ddacf356f56c5949422a351efe5f4277737dfb822396c0
SSDEEP: 98304:N7xlQWUQJrx/VpUx5jTm4qCa4aWdF3j0chnIX4rRA:Bxqd9YP+rjRfVA
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-