General
Target: 432a1dc62c6514926bd12cc4330db62cccca5dc15933140375d9a10e48dce81c
Size: 4.1MB
Sample: 230608-aencpshe67
MD5: f91e3215dd77d175a18c63f4fb63ca2e
SHA1: 3b765c51f94c6516bc681800da287320a82402bc
SHA256: 432a1dc62c6514926bd12cc4330db62cccca5dc15933140375d9a10e48dce81c
SHA512: 27de16a55404c87d52df8209b47accb3ce65168f874aaa72d55ff6a5f4a9b5a8c4afadd3fd49e9247728e7843aefc28b31dd201713a1c82c3a271b06fdb25a95
SSDEEP: 98304:f8GtT7KONvb9Pix2XoCrEsQYjOARBWTRZ/y7nRO/:fHBTb9PiwXZgsnFBYRZ/kY/
Static task
static1
Malware Config
Targets
Target: 432a1dc62c6514926bd12cc4330db62cccca5dc15933140375d9a10e48dce81c
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory