General
Target: 400b4a664dfa0cdff46a0d1a9067ca6144b196c19e8b26b2362a534be9a435fa
Size: 4.1MB
Sample: 230608-acwlasaa51
MD5: 13f67cb6e1deec0c669d8989072d9c4d
SHA1: 12382906ddcfdfb00a11c510134a55217f248a88
SHA256: 400b4a664dfa0cdff46a0d1a9067ca6144b196c19e8b26b2362a534be9a435fa
SHA512: 128444478f7ef38d99a0244ac39d19fbb15b822ebcf9d7d0045691334982a971716f1f7bd36ed6bafb5f4161eba37ae2a739d912e3af8d4f22bf603290a33866
SSDEEP: 98304:f8GtT7KONvb9Pix2XoCrEsQYjOARBWTRZ/y7nROe:fHBTb9PiwXZgsnFBYRZ/kYe
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory