General
-
Target
111295953707ddddee6c7756144cefa98dfe5cab6b7bfb7a43500ea2a213efd2
-
Size
4.2MB
-
Sample
230608-f3znjace62
-
MD5
f8f476cb1d83f32fc2e5206ddb2ea73b
-
SHA1
213b4bde9e312a6589f9134fafdc93be85d38714
-
SHA256
111295953707ddddee6c7756144cefa98dfe5cab6b7bfb7a43500ea2a213efd2
-
SHA512
f54f67da8c7ac39cc4c8755dc57cda8c5d87d8e198eed41ea06659502fee138d19d5d9b1766046eda2e5dcd5bed086f97941c9ac175c7522398c8510e7efc7f9
-
SSDEEP
98304:kL9MLJ4yT5nBpJLCTRLHuTMeBrhT8sCKfL71koaM:Q9SJ4yTnCtCAbspfvRaM
Static task
static1
Malware Config
Targets
-
Target
111295953707ddddee6c7756144cefa98dfe5cab6b7bfb7a43500ea2a213efd2
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-