General
-
Target
7c93831dcd5854f6ef2442eb9d84c227314519908f2510c68d43c382616a72a0
-
Size
4.1MB
-
Sample
230607-ywjb3sga3w
-
MD5
e2804c2b6893229ed47ebfc4ad88460a
-
SHA1
b43586b86eb8fc0a7d571f113d8284dd961f0048
-
SHA256
7c93831dcd5854f6ef2442eb9d84c227314519908f2510c68d43c382616a72a0
-
SHA512
306b59eca02a144c12e71b0a8469c1071135142b29fcea90c60d8370ef6f57a90266b0f94dabe5a7bb565f6c65a9ba7f203ae06b1cd3e2ad685986772cf4b898
-
SSDEEP
98304:XV0kmJ+lypSNjdXPFOPJebab0px9wmc+n8YxrkbK2edAQcAk:9BUUNjSheOR48v+9dAMk
Static task
static1
Malware Config
Targets
-
-
Target
7c93831dcd5854f6ef2442eb9d84c227314519908f2510c68d43c382616a72a0
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-