General
-
Target
4eb441c898f7cbd0ac987c2de038a7a0d8f29dd1f666ab558e6e59ba15fc5f79
-
Size
4.2MB
-
Sample
230608-f4gt4sdb2s
-
MD5
f1d4bdcbd90815a9819642714c4f5824
-
SHA1
d4f316b64923cd3205f36f17d20a95d5a79069ff
-
SHA256
4eb441c898f7cbd0ac987c2de038a7a0d8f29dd1f666ab558e6e59ba15fc5f79
-
SHA512
897ec562859d63169407e6d4fa35d9cb00524f9c10e71c0aded9f818dfb410f75eeab264ef52876770946166d5a5cb9dda77d11d2f01ad9109eab905380a8377
-
SSDEEP
98304:cL9MLJ4yT5nBpJLCTRLHuTMeBrhT8sCKfL71koak:I9SJ4yTnCtCAbspfvRak
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory