General
-
Target
f1d96315e349f925324e2dafc8d79c62f5452c1bff6f2bad6410c515399982ae
-
Size
4.2MB
-
Sample
230607-yjgmqafg31
-
MD5
3ecfb1c42ed4a76062a503b6010e8378
-
SHA1
d6484ad8b903631d14c6f892770c8d0268cb9f3d
-
SHA256
f1d96315e349f925324e2dafc8d79c62f5452c1bff6f2bad6410c515399982ae
-
SHA512
3abe53d614c45757d689f48051db157ee15c647aab99ddcd585e1749fbd143b1438a1801587103053a25cc5651a491d762029cd7e379c7a32dbcc8553b126c0b
-
SSDEEP
98304:N7xlQWUQJrx/VpUx5jTm4qCa4aWdF3j0chnIX4rRT:Bxqd9YP+rjRfVT
Static task
static1
Malware Config
Targets
-
-
Target
f1d96315e349f925324e2dafc8d79c62f5452c1bff6f2bad6410c515399982ae
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-