General
-
Target
f0d922a17e075073a1fc0295fc2c75d6a48bcd9c64858e46b7f00c830ce2d740
-
Size
4MB
-
Sample
230608-aepwjahe68
-
MD5
6b071493d405d77ddd64c0caf284a803
-
SHA1
2a6f9c66ea7f774efc8ecd05e1bccc5320f9504c
-
SHA256
f0d922a17e075073a1fc0295fc2c75d6a48bcd9c64858e46b7f00c830ce2d740
-
SHA512
0d8b96771fae71644c83517d5bd18ee69e20f38a7e58b09fb1f84e0b074ae7f546d1497fb467e4da55bb96bb0e6da4cc6fcf8e4847fee9a1babcf8468b6c33bf
-
SSDEEP
98304:X8GtT7KONvb9Pix2XoCrEsQYjOARBWTRZ/y7nROC:XHBTb9PiwXZgsnFBYRZ/kYC
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-