General
-
Target
1164727f70af2a78731e37d08f23512ad7164474daadb8e2b81ef281a4b4e4a1
-
Size
4.1MB
-
Sample
230607-yqqtzafh4s
-
MD5
1d4fe8c50a7b9234cfcdf2a9eeee8851
-
SHA1
50b8ddf1ad27e858e805ac450672cc235bf5e621
-
SHA256
1164727f70af2a78731e37d08f23512ad7164474daadb8e2b81ef281a4b4e4a1
-
SHA512
4a0ecd51b52e5b1e322c211d5f6fb541cc7ceaaabd4b1f4a5df7ca807e39fe69232030a9b0a33e9bc737b9758aba1f68eb9c8df99a7514dfbd7dd15dd454edf2
-
SSDEEP
98304:XV0kmJ+lypSNjdXPFOPJebab0px9wmc+n8YxrkbK2edAQcAK:9BUUNjSheOR48v+9dAMK
Static task
static1
Malware Config
Targets
-
-
Target
1164727f70af2a78731e37d08f23512ad7164474daadb8e2b81ef281a4b4e4a1
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-