General
-
Target
7a98c492c65b4dc0b2229584d884b3d074181fc06c01fa5bfd45fc4db3888952
-
Size
4.2MB
-
Sample
230607-yjrspafg4x
-
MD5
f6aea685d4a59deec081f9967adf430f
-
SHA1
4073716af2e5b4518cb9aeb89a061fa2695d2b8c
-
SHA256
7a98c492c65b4dc0b2229584d884b3d074181fc06c01fa5bfd45fc4db3888952
-
SHA512
43a496193a210549654c5d883ff285b4f9b22f1e3c0d4e546e95a969711c4e1b80233335b6e9e0e372c0a75f81af25fe7d226e1e39c402f73d70e5ba95609d95
-
SSDEEP
98304:97xlQWUQJrx/VpUx5jTm4qCa4aWdF3j0chnIX4rRA:xxqd9YP+rjRfVA
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-