General
-
Target
1921b018fcc9a1e518ae581d1ba8cad7efc434cce4035ed39bbd8e05b61cb27d
-
Size
4.2MB
-
Sample
230608-f4c6xsce67
-
MD5
40bd9a86d1c96bc74058ba2425503a48
-
SHA1
8cdc5adf70a56e0f7caeb8126e84d02971b6283a
-
SHA256
1921b018fcc9a1e518ae581d1ba8cad7efc434cce4035ed39bbd8e05b61cb27d
-
SHA512
c74ac3afbfd44b15f6a6b133292db036c2900f9bf28be5449f0ebb640ce15d81b94bedba75671faa4e4c2a7b5c827fbd97144053f82f103257de7e6d5c1aeba6
-
SSDEEP
98304:cL9MLJ4yT5nBpJLCTRLHuTMeBrhT8sCKfL71koaL:I9SJ4yTnCtCAbspfvRaL
Static task
static1
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-