General
-
Target
5fbbeb3857746bf38ea50ecfd8574c4f2f93762ef8cd82b903ef140d6e6c9d92
-
Size
4.2MB
-
Sample
230608-fshbhacd48
-
MD5
7203187a21507d30ef01e6a5e7052d00
-
SHA1
730dd42da75cb7c9a6bbd909724996688e2e3c7f
-
SHA256
5fbbeb3857746bf38ea50ecfd8574c4f2f93762ef8cd82b903ef140d6e6c9d92
-
SHA512
81073b056c71b00744a21bcf50d27a3dd8f0b7addd3efef6aed00ff968324066ec704af56ddda2896d7a25c3a5e0376f7a63569f0ab9678bfb456d8a2f2bdd34
-
SSDEEP
98304:UL9MLJ4yT5nBpJLCTRLHuTMeBrhT8sCKfL71koaG:A9SJ4yTnCtCAbspfvRaG
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-