General
-
Target
c0eb12db3783ac977f590737cc4d7b841d28c8d775a5071b1b82ed0c1fcf50af
-
Size
4.2MB
-
Sample
230608-fnzd8acc96
-
MD5
9caecad915e684996ba40863de9f2f6d
-
SHA1
c0736de1e60d494aa0bd7e8a7bd850410a75fd9f
-
SHA256
c0eb12db3783ac977f590737cc4d7b841d28c8d775a5071b1b82ed0c1fcf50af
-
SHA512
a52faf3fbcab4bed4bc464e9a2c81cf90ec6fce09912b5f14b89e2331664e1140473a0cb53dc7e55735eb173291c57d98ae7a1836a10b4c8f7a75c296daaea6d
-
SSDEEP
98304:8L9MLJ4yT5nBpJLCTRLHuTMeBrhT8sCKfL71koaF:o9SJ4yTnCtCAbspfvRaF
Static task
static1
Malware Config
Targets
-
-
Target
c0eb12db3783ac977f590737cc4d7b841d28c8d775a5071b1b82ed0c1fcf50af
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-